Russia-linked malware infected 500k routers

A router — Routers from a variety of vendors are vulnerable to VPNFilter. Photo: Thomas Trutschel/Photothek via Getty Images

Cisco's Talos research group outlined a malware threat that has already infected 500,000 routers in 54 countries from a variety of manufacturers, with code substantially overlapping with known Russian attacks.

Why it matters: The threat, nicknamed VPNFilter, can infect Linksys, MikroTik, NETGEAR and TP-Link small business and home office routers as well as network storage devices. It can steal web site credentials, monitor commands to industrial systems and launch destructive attacks against the devices it infects. And it can do all of this beyond the reach of many types of network defenses that don't protect routers.

Show less

Go deeper52 Words

How it links to Russian intelligence: The code in VPNFIlter overlaps with Russia's BlackEnergy malware that has been used to attack energy infrastructure in Ukraine. The Talos report notes this is not a definitive link — another attacker may be coopting Russian malware — but VPN filter is aggressively targeting Ukraine.

Cisco

Latest Stories

Latest Stories

Virginia Republicans push for 10-person probe of lieutenant governor

Republicans condemn Cummings' "irresponsible" accusations against Trump lawyers

Scandal swirls around Canada's Justin Trudeau

Kraft Heinz stock implodes on gruesome earnings

Axios Future: Where jobs aren't — Predicting disease — Emojis in the courtroom

Tennessee governor apologizes for Confederate uniform in yearbook

NOx never looked so beautiful

Saturday's showdown in Venezuela will test strength of Maduro, Guaidó

House Judiciary schedules hearing on Trump’s family separation policy

Axios World: Venezuela border showdown — Bibi boosts bigots — Trudeau's growing scandal

Zebra stripes confuse biting flies

North Korean hackers could start stealing business secrets

Richard Sackler endorsed plan to mislead about OxyContin's potency

Axios Science: Climate change's new salience — Standards for AI medicine — Flies can't stick zebra landings

Trump's Golden State bad blood

Scientists call for rules on evaluating predictive AI in medicine

Axios PM: Trump's Golden State bad blood — Roger Stone gagged — North Carolina will hold new election

DoorDash now valued at $7.1 billion

Judge rules prosecutors broke federal law in Jeffrey Epstein case

North Carolina board calls for new election in disputed House race

Russia-linked malware infected 500k routers

Latest Stories

Latest Stories

Virginia Republicans push for 10-person probe of lieutenant governor

Republicans condemn Cummings' "irresponsible" accusations against Trump lawyers

Scandal swirls around Canada's Justin Trudeau

Kraft Heinz stock implodes on gruesome earnings

Axios Future: Where jobs aren't — Predicting disease — Emojis in the courtroom

Tennessee governor apologizes for Confederate uniform in yearbook

NOx never looked so beautiful

Saturday's showdown in Venezuela will test strength of Maduro, Guaidó

House Judiciary schedules hearing on Trump’s family separation policy

Axios World: Venezuela border showdown — Bibi boosts bigots — Trudeau's growing scandal

Zebra stripes confuse biting flies

North Korean hackers could start stealing business secrets

Richard Sackler endorsed plan to mislead about OxyContin's potency

Axios Science: Climate change's new salience — Standards for AI medicine — Flies can't stick zebra landings

Trump's Golden State bad blood

Scientists call for rules on evaluating predictive AI in medicine

Axios PM: Trump's Golden State bad blood — Roger Stone gagged — North Carolina will hold new election

DoorDash now valued at $7.1 billion

Judge rules prosecutors broke federal law in Jeffrey Epstein case

North Carolina board calls for new election in disputed House race

Never miss an Axios exclusive. Sign up for Mike Allen's AM newsletter.

Russia-linked malware infected 500k routers