VPNFilter Malware Could Self-Destruct Over 500,000 Routers

  • Security researchers stated that over 500,000 routers in 54 countries are in danger from a newly discovered malware.
  • An older version of the VPNFilter malware has already been successful in Ukraine in the past.
  • The FBI has already taken action and has seized a big chunk of the VPNFilter infrastructure.

The Talos cybersecurity unit of Cisco released a statement on Wednesday warning Internet users about a new kind of malware. The VPNFilter malware includes a self-destruct feature which can cause over 500,000 routers in 54 countries to brick themselves when activated. The cybersecurity unit claimes that the spyware could achieve 100% success rate at self-destructing routers and the malware can also be used to gather and exfiltrate data from users. The hackers responsible for creating the malware have had a major portion of their infrastructure taken down by the FBI.

The affected devices include Netgear, MikroTik, Lynksys, and TP-Link home and business routers as well as NAS devices. Other types of routers have not been affected according to the Talon cybersecurity team. The IoT devices are immune to the malware as they can purge malware when rebooted.

The VPNFilter malware can also be used to sniff packets and allow attackers to monitor and intercept web browsing data including login credentials of websites. Researchers also suspect malware plugins similar to VPNFilter may exist that have not been discovered yet.

Network Connectivity
Image Courtesy of FlowTraq

With little to no protection in home routers and no form of anti-malware mechanisms available in commercial grade routers, average users cannot patch the vulnerabilities by themselves. Hackers can hijack firmware updates and inject malware directly when users try to update their routers with the latest firmware updates.

The security team from Cisco has offered a few solutions that can be undertaken. Users of home and office routers are recommended to reset and reboot their routers to factory default settings. Resetting routers can prevent the devices from self-destructing or allowing hackers to get access to personal data.

ISPs that provide routers to their users can reboot the routers on behalf of their users to ensure the VPNFilter malware cannot be implemented. ISPs and router manufacturers need to work together to ensure patches against the malware are provided before any large-scale attacks happen.

REVIEW OVERVIEW

Recent Articles

TrickBot Malware Has Updated Itself With Anti-Analysis Features

TrickBot is now checking what resolution it’s running on and stops if it’s an unusually low setting. The notorious trojan is checking for...

Top Selfie Beautification Apps Available in India Right Now

The ax of the Indian government has cut even the popular selfie beautification image apps “YouCan Makeup,” “Selfie City,” and “Meitu,” in the context...

Top 5 Alternatives for the “DU Battery Saver” That Was Banned in India

Due to the recent ban of 59 Chinese apps imposed by the Indian government, the “DU Battery Saver” has been blocked in the country....

These Are the Best Alternatives to “Mobile Legends” in India

The wave of Chinese app bans in India has swept “Mobile Legends,” too, and MOBA (multiplayer online battle arena) lovers are now looking for...

How to Watch ‘iHeartCountry 4th of July BBQ’ Live Online

The iHeartCountry 4th of July BBQ is just around the corner, and we are super-eager to watch the event online. Let's figure out how...