May 23, 2018

Russia-linked malware infected 500k routers

Routers from a variety of vendors are vulnerable to VPNFilter. Photo: Thomas Trutschel/Photothek via Getty Images

Cisco's Talos research group outlined a malware threat that has already infected 500,000 routers in 54 countries from a variety of manufacturers, with code substantially overlapping with known Russian attacks.

Why it matters: The threat, nicknamed VPNFilter, can infect Linksys, MikroTik, NETGEAR and TP-Link small business and home office routers as well as network storage devices. It can steal web site credentials, monitor commands to industrial systems and launch destructive attacks against the devices it infects. And it can do all of this beyond the reach of many types of network defenses that don't protect routers.

How it links to Russian intelligence: The code in VPNFIlter overlaps with Russia's BlackEnergy malware that has been used to attack energy infrastructure in Ukraine. The Talos report notes this is not a definitive link — another attacker may be coopting Russian malware — but VPN filter is aggressively targeting Ukraine.

Go deeper

Updated 46 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 8:30 p.m. ET: 5,803,416 — Total deaths: 359,791 — Total recoveries — 2,413,576Map.
  2. U.S.: Total confirmed cases as of 8:30 p.m. ET: 1,720,613 — Total deaths: 101,573 — Total recoveries: 399,991 — Total tested: 15,646,041Map.
  3. Public health: The mystery of coronavirus superspreaders.
  4. Congress: Pelosi slams McConnell on stimulus delay — Sen. Tim Kaine and wife test positive for coronavirus antibodies.
  5. World: Twitter slapped a fact-check label on a pair of months-old tweets from a Chinese government spokesperson that falsely suggested that the coronavirus originated in the U.S.
  6. 2020: The RNC has issued their proposed safety guidelines for its planned convention in Charlotte, North Carolina.
  7. Axios on HBO: Science fiction writers tell us how they see the coronavirus pandemic.
  8. 🏃‍♀️Sports: Boston Marathon canceled after initial postponement, asks runners to go virtual.
  9. What should I do? When you can be around others after contracting the coronavirus — Traveling, asthma, dishes, disinfectants and being contagiousMasks, lending books and self-isolatingExercise, laundry, what counts as soap — Pets, moving and personal healthAnswers about the virus from Axios expertsWhat to know about social distancingHow to minimize your risk.
  10. Other resources: CDC on how to avoid the virus, what to do if you get it, the right mask to wear.

Subscribe to Mike Allen's Axios AM to follow our coronavirus coverage each morning from your inbox.

2 hours ago - World

The eye of the COVID-19 storm shifts to Latin America

Data: The Center for Systems Science and Engineering at Johns Hopkins; Chart: Naema Ahmed/Axios

The epicenter of the COVID-19 pandemic has moved from China to Europe to the United States and now to Latin America.

Why it matters: Up until now, the pandemic has struck hardest in relatively affluent countries. But it's now spreading fastest in countries where it will be even harder to track, treat and contain.

Minnesota activates National Guard amid fallout from George Floyd death

A portrait of George Floyd hangs on a street light pole in Minneapolis. Photo: Stephen Maturen/Getty Images

George Floyd, 46, moved to Minnesota to improve his life and become his "best self," but instead, he is dead because of Minneapolis police.

The latest: Minnesota Gov. Tim Walz declared a state of emergency and activated the state's National Guard in response to violent clashes over the past two days between police and protesters in the Twin Cities.