VPNFilter Router Malware Still Dangerous

  • The VPNFilter attack is worse than officials thought – 71 devices are believed to be vulnerable now, up from 16 a few weeks ago
  • Restarting your router won’t kill the VPNFilter – a firmware update is required to do so

More details below:

In late May, the FBI informed the public that hundreds of thousands of SOHO routers and network-access storage (NAS) devices across 54 countries had been infected with a malicious botnet known as “VPNFilter.” They reported that the “Sofacy Group” – believed to be behind the breach on the Democratic National Committee in 2016 – was behind the attack.

The FBI said in their May statement that the infection could be mostly cleared by rebooting your router.

Wednesday, researchers from Cisco’s Talos security team announced that the attack has affected far more devices than originally thought and that restarting your router won’t solve the problem.

The number of vulnerable devices has been raised from 16 to 71. These include hardware by Asus, Huawei, Linksys, Netgear, TP-Link and others.

In addition, the VPNFilter appears to have gained new capabilities. Now, a firmware update is required to wipe out the malware.

For technical details on the attack from Cisco Talos, click here.