Russia accused of plotting massive VPNFilter malware attack

Talos has estimated that VPNFilter has infected devices in at least 54 countries. (Source: Cisco)

There has been a report published stating at least 500,000 networking devices around the world have been infected by malware known as VPNFilter. It has been speculated that Russian state-sponsored hackers are behind the attack due to the activity specifically aimed at devices based in the Ukraine. Apparently, VPNFilter offers both intelligence-gathering and destructive capabilities.

Daniel R Deakin, Published 05/24/2018

A report published by Cisco Talos Intelligence Group has stated that over half a million network devices worldwide have been exposed to the VPNFilter malware. The software is capable of operating in an intelligence-gathering mode by stealing website credentials and monitoring network usage, and it is also able to provide a disconcerting destructive functionality that can shutdown infected devices. The statement from Talos provides information about the most likely affected devices:

The known devices affected by VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link networking equipment in the small and home office (SOHO) space, as well at QNAP network-attached storage (NAS) devices.

A warning on the website for the US Computer Emergency Readiness Team (US-CERT) advises those with devices that might be infected to make sure all necessary security patches are downloaded and installed. Because of the apparent focus on networking devices in the Ukraine, it has been widely speculated that Russia is behind VPNFilter, with a possibility that there is intent to cause major disruption before the Champions League final, which is taking place in the Ukrainian capital of Kiev on Saturday.

This is not the first time Russia has been accused of planning such an attack. The Talos report mentions that the VPNFilter malware comes with a self-destruct ability, which if used would leave the infected device inoperable:

Lastly, the malware has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide.

Source(s)

Talos Group

Reuters

BGR

Smartphones in Russia will soon have to be more Russian... whatever that may mean. (Image via Charles DeLuvio on Unsplash, with edits)

Electronics sold in Russia must soon have software that supports "Russian spiritual and moral values" 01/27/2020

The free Office Depot PC Health Check allegedly operated in a similar fashion to scareware. (Source: FTC)

PC Health Check scareware allegations cost Office Depot and Support.com US$35 million 03/28/2019

Red Square - Moscow, Russia, Russia planning to disconnect from the world wide web (Source: World for Travel)

Russia planning to go internet-free, for now as an experiment 02/11/2019

Websites could battle more bots without interrupting users thanks to reCAPTCHA v3 10/31/2018

DuckDuckGo, the privacy-focused search engine, grows daily searches by 50% to 30 million 10/11/2018

50 million Facebook accounts were compromised due to a security flaw 09/30/2018

VPNs have been a popular alternative for businesses unable to invest in WANs. (Source: bestvpnservice.com)

VPNs for business may not have much time, according to cloud services exec 08/24/2018

Image source: The Age (Artist: Matt Golding)

An Australian teenager hacked into Apple's secure network and stole 90 GB of data 08/17/2018

Intel will eventually bake security fixes into its next-generation of silicon. (Source: Intel)

Intel plans to offload CPU malware scanning to iGPUs in new Spectre / Meltdown fix 04/17/2018

Law enforcement agencies tracked the alleged hacking activity back to 2015. (Source: Medium)

Russia accused of hijacking routers around the world 04/17/2018

Google Chrome found to start antivirus scans at every launch 04/09/2018

An estimated 230,000 computers were infected within a single day in the 2017 WannaCry ransomware attack. (Source: Wccftech)

WannaCry virus strikes Boeing production plant 03/29/2018

A new Android exploit has users unwittingly mining for Monero. (Source: Malwarebytes)

First large scale mobile mining malware hits millions of Android users 02/14/2018

Cybersecurity firms are analyzing the malicious code known as Olympic Destroyer. (Source: Forbes)

"Olympic Destroyer" virus fails to destroy Olympics 02/12/2018

North Korean military parade, North Korean Android malware targets defectors and their supporters

North Korean malware targets defectors and their supporters 01/12/2018

Smartphone in smoke, the possible outcome of a Loapi Trojan malware infection (Source: Kaspersky Lab official blog)

The Loapi Trojan malware can blow up your Android phone 12/20/2017

Graph of the increase in cryptocurrency mining trojans as measured by Kaspersky Labs. (Source: Bleeping Computer)

Cryptocurrency mining malware has infected over 1.65 million computers this year 09/12/2017

Virus infections are relatively rare on Android, but the risk increases when the user allows side loading of apk files. (Source: gfkDSGN/Pixabay)

Android antivirus software relatively easy to beat 07/24/2017

Loading Comments

Comment on this article

Grammarly update brings UI revamp a...

Nintendo may be developing an N64 c...

Daniel R Deakin - Managing Editor News & Magazine - 3118 articles published on Notebookcheck since 2012

My interest in technology began after I was presented with an Atari 800XL home computer in the mid-1980s. I especially enjoy writing about technological advances, compelling rumors, and intriguing tech-related leaks. I have a degree in International Relations and Strategic Studies and count my family, reading, writing, and travel as the main passions of my life. I have been with Notebookcheck since 2012.

Please share our article, every link counts!

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2018 05 > Russia accused of plotting massive VPNFilter malware attack

Daniel R Deakin, 2018-05-24 (Update: 2018-05-24)

Russia accused of plotting massive VPNFilter malware attack

Source(s)

Related Articles