VPNFilter Malware Could Self-Destruct Over 500,000 Routers

  • Security researchers stated that over 500,000 routers in 54 countries are in danger from a newly discovered malware.
  • An older version of the VPNFilter malware has already been successful in Ukraine in the past.
  • The FBI has already taken action and has seized a big chunk of the VPNFilter infrastructure.

The Talos cybersecurity unit of Cisco released a statement on Wednesday warning Internet users about a new kind of malware. The VPNFilter malware includes a self-destruct feature which can cause over 500,000 routers in 54 countries to brick themselves when activated. The cybersecurity unit claimes that the spyware could achieve 100% success rate at self-destructing routers and the malware can also be used to gather and exfiltrate data from users. The hackers responsible for creating the malware have had a major portion of their infrastructure taken down by the FBI.

The affected devices include Netgear, MikroTik, Lynksys, and TP-Link home and business routers as well as NAS devices. Other types of routers have not been affected according to the Talon cybersecurity team. The IoT devices are immune to the malware as they can purge malware when rebooted.

The VPNFilter malware can also be used to sniff packets and allow attackers to monitor and intercept web browsing data including login credentials of websites. Researchers also suspect malware plugins similar to VPNFilter may exist that have not been discovered yet.

Network Connectivity
Image Courtesy of FlowTraq

With little to no protection in home routers and no form of anti-malware mechanisms available in commercial grade routers, average users cannot patch the vulnerabilities by themselves. Hackers can hijack firmware updates and inject malware directly when users try to update their routers with the latest firmware updates.

The security team from Cisco has offered a few solutions that can be undertaken. Users of home and office routers are recommended to reset and reboot their routers to factory default settings. Resetting routers can prevent the devices from self-destructing or allowing hackers to get access to personal data.

ISPs that provide routers to their users can reboot the routers on behalf of their users to ensure the VPNFilter malware cannot be implemented. ISPs and router manufacturers need to work together to ensure patches against the malware are provided before any large-scale attacks happen.

REVIEW OVERVIEW

Latest

How to Watch Boston Red Sox Games Online Without Cable

The Boston Red Sox are one of the most famous and popular professional sporting franchises, not just in the United States but...

Wimbledon 2022 Live Stream: How to Watch Tennis Online From Anywhere

This week, the top tennis players are preparing to participate in one of the most prestigious tennis tournaments in the world –...

How to Watch Westworld Season 4 Online From Anywhere

The fourth season of your favorite science fiction dystopian TV series is set to premiere soon, and we know you want to...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari