May 23, 2018

Russia-linked malware infected 500k routers

Routers from a variety of vendors are vulnerable to VPNFilter. Photo: Thomas Trutschel/Photothek via Getty Images

Cisco's Talos research group outlined a malware threat that has already infected 500,000 routers in 54 countries from a variety of manufacturers, with code substantially overlapping with known Russian attacks.

Why it matters: The threat, nicknamed VPNFilter, can infect Linksys, MikroTik, NETGEAR and TP-Link small business and home office routers as well as network storage devices. It can steal web site credentials, monitor commands to industrial systems and launch destructive attacks against the devices it infects. And it can do all of this beyond the reach of many types of network defenses that don't protect routers.

How it links to Russian intelligence: The code in VPNFIlter overlaps with Russia's BlackEnergy malware that has been used to attack energy infrastructure in Ukraine. The Talos report notes this is not a definitive link — another attacker may be coopting Russian malware — but VPN filter is aggressively targeting Ukraine.

Go deeper

Margaret Talev, Alexi McCammond

Sign of the times: A pro-Warren super PAC

Democratic presidential candidate Sen. Elizabeth Warren at a rally in Nevada. Photo: Alex Wong/Getty Images

A group of women progressives who back Sen. Elizabeth Warren has formed Persist PAC, a super PAC airing pro-Warren ads starting Wednesday in an effort to boost her performance ahead of Saturday's crucial Nevada caucuses, a spokesman told Axios.

Why it matters: Warren has spoken adamantly against the influence of unlimited spending and dark money in politics. But these supporters have concluded that before Warren can reform the system, she must win under the rules that exist — and that whether she likes it or not, their uncoordinated help may be needed to keep her viable through this weekend's contest and into South Carolina and Super Tuesday.

Go deeperUpdated 51 mins ago - Politics & Policy

Fadel Allassan

Pentagon policy chief resigns amid reported discord with Trump

John Rood. Photo: Mark Wilson/Getty Images

John Rood, the Pentagon's top policy official, will resign from his post at the end of the month, CNN first reported and President Trump confirmed.

The state of play: CNN said Rood "was perceived as not embracing some of the changes in policy the White House and senior Pentagon officials wanted," such as peace talks in Afghanistan with the Taliban and a decision to cut back on military exercises with South Korea as the president courted North Korea's Kim Jong-un.

Go deeper1 hour ago - Politics & Policy

Axios

Coronavirus cases rise, as warnings of global pandemic grow

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's NHC; Note: China refers to mainland China and the Diamond Princess is the cruise ship offshore Yokohama, Japan. Map: Danielle Alberti/Axios

We may be "at the brink" of a global pandemic, warns a top U.S. public health official, as cases continue to spread despite containment efforts. Meanwhile, the global economy is being affected, including the tech manufacturing industry.

The big picture: COVID-19 has now killed more than 2,000 people and infected over 75,000 others, mostly in mainland China, where the National Health Commission announced 136 new deaths since Tuesday.

Go deeperUpdated 2 hours ago - Health