According to reports, a malware has already infected more than 500,000 routers and in more 50 countries. FBI is urging home owners and small businesses to reboot their routers right now. The VPNFilter malware was discovered by Cisco’s security researchers and affects routers made by Linksys, Mikrotik, Netgear, QNAP, and TP-Link.
Reuters reported that the U.S. Department of Justice claim that the authors of the VPNFilter were part of the Sofacy group that answered directly to the Russian government and that Ukraine was the likely target of the attack.
Cisco reported that “The VPNFilter malware is a multistage, modular platform with versatile capabilities to support both intelligence collection and destructive cyberattack operations,”
“Because the malware could collect data from the user and even perform a large -scale destructive attack, Cisco recommends that owners of SOHO or network attached storage (NAS) devices be especially cautious with this type of attack. And since it’s unclear how compromised devices were infected in the first place, officials are urging users of all routers and NAS devices, not just the 14 devices identified by Cisco, to reboot.
New VPNFilter malware targets at least 500K networking devices worldwide
“The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices,” FBI officials warned. “Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.”