Joe UchillMay 23, 2018

Russia-linked malware infected 500k routers

A router — Routers from a variety of vendors are vulnerable to VPNFilter. Photo: Thomas Trutschel/Photothek via Getty Images

Cisco's Talos research group outlined a malware threat that has already infected 500,000 routers in 54 countries from a variety of manufacturers, with code substantially overlapping with known Russian attacks.

Why it matters: The threat, nicknamed VPNFilter, can infect Linksys, MikroTik, NETGEAR and TP-Link small business and home office routers as well as network storage devices. It can steal web site credentials, monitor commands to industrial systems and launch destructive attacks against the devices it infects. And it can do all of this beyond the reach of many types of network defenses that don't protect routers.

How it links to Russian intelligence: The code in VPNFIlter overlaps with Russia's BlackEnergy malware that has been used to attack energy infrastructure in Ukraine. The Talos report notes this is not a definitive link — another attacker may be coopting Russian malware — but VPN filter is aggressively targeting Ukraine.

Cisco

Latest Stories

Latest Stories

Schumer requests probe into Harriet Tubman $20 bill redesign delay

Classified UFO briefing given to senators on Navy encounters: Report

Biden snaps back at Booker over race remarks backlash

Trump defends Pelosi to Fox News' Sean Hannity

Pompeo urges Russia to act after murder charges laid over MH17 downing

Iran's Revolutionary Guard claims to have shot down U.S. drone: Report

House Dems vote to repeal 9/11-era law in hopes of deterring war with Iran

Trump admin. walks back plan to cut Forest Service program, slash 1,110 jobs

Trump’s UN pick breaks with White House on climate change

Axios Future: Brain wearables — Vaccine divide — Billions of goats

Felix Sater to testify privately before House Intelligence Committee

63% of Americans worry about foreign meddling in 2020

Guatemala faces runoff election as emigration wave continues

Axios Dashboard

FTC forces UnitedHealth to sell part of its DaVita acquisition

Mexico becomes first country to pass USMCA trade deal

Biden's race backlash

Trump envoy claims Iran pressure is working despite fears of war

Axios PM: Biden's race backlash — Canada outpaces U.S. — White House blocks Hicks testimony

Canada accepts more refugees than the U.S. for first time since 1980

Russia-linked malware infected 500k routers

Latest Stories

Latest Stories

Schumer requests probe into Harriet Tubman $20 bill redesign delay

Classified UFO briefing given to senators on Navy encounters: Report

Biden snaps back at Booker over race remarks backlash

Trump defends Pelosi to Fox News' Sean Hannity

Pompeo urges Russia to act after murder charges laid over MH17 downing

Iran's Revolutionary Guard claims to have shot down U.S. drone: Report

House Dems vote to repeal 9/11-era law in hopes of deterring war with Iran

Trump admin. walks back plan to cut Forest Service program, slash 1,110 jobs

Trump’s UN pick breaks with White House on climate change

Axios Future: Brain wearables — Vaccine divide — Billions of goats

Felix Sater to testify privately before House Intelligence Committee

63% of Americans worry about foreign meddling in 2020

Guatemala faces runoff election as emigration wave continues

Axios Dashboard

FTC forces UnitedHealth to sell part of its DaVita acquisition

Mexico becomes first country to pass USMCA trade deal

Biden's race backlash

Trump envoy claims Iran pressure is working despite fears of war

Axios PM: Biden's race backlash — Canada outpaces U.S. — White House blocks Hicks testimony

Canada accepts more refugees than the U.S. for first time since 1980

Sign up for a daily newsletter defining what matters in business and markets

Russia-linked malware infected 500k routers