has infected half-a millionrouters in homes and businesses around
the world, and that malware is vicious enough to destroy the devices
with a single command.
to an announcement from Cisco on Wednesday, the malware can collect
communications and launch attacks on others.
scale and type of attack are concerning, Cisco said. It is not known
how many in the U.S. have been attacked. The announcements says the
Ukraine has been the hardest hit region so far.
with our partners, we estimate the number of infected devices to be
at least 500,000 in at least 54 countries. The known devices
affected by VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link
networking equipment in the small and home office (SOHO) space, as
well at QNAP network-attached storage (NAS) devices. No other
vendors, including Cisco, have been observed as infected by
VPNFilter, but our research continues."
malware can steal website credentials and perform destructive cyber
attacks, the announcement states.
malware can also be leveraged to collect data that flows through the
device. This could be for straightforward data-collection purposes,
or to assess the potential value of the network that the device
serves," the announcement says."If the network was deemed as having
information of potential interest to the threat actor, they may
choose to continue collecting content that passes through the device
or to propagate into the connected network for data collection."
to protect your router
of SOHO routers and/or NAS devices reset them to factory defaults
and reboot them in order to remove the potentially destructive,
non-persistent stage 2 and stage 3 malware.
more of this announcement here.