VPNFilter is far more dangerous than we thought!

Router malware is more dangerous than it first appeared: VPNFilter, the router malware initially discovered by Cisco, has far more dangerous characteristics than first reported. You can read about the malware on Cisco’s blog. It attacks routers from TP-Link, D-Link and many others, and the list of affected devices has expanded since its initial discovery.

The malware is heavily active around Ukraine.

VPNFilter is dangerous! – Cisco

The malware has affected a large number of routers from TP-Link, D-Link and many others. Cisco suspects that the malware originates from Russia. In new findings, Cisco reports that more and more devices are affected.

A few devices from large manufacturers such as Asus, Huawei and many others have also been affected. The malware is largely active inside Ukraine, which leads people at Cisco to suspect that a massive cybersecurity breach will take place. It is intended to steal sensitive user data from different routers and switches.

In a blog post, Cisco Talos said:

In the days since we first published our findings on the campaign, we have seen that VPNFilter is targeting more makes/models of devices than initially thought, and has additional capabilities, including the ability to deliver exploits to endpoints

As for VPNFilter's additional capabilities, it can now bypass SSL encryption, which allows more sensitive data to leak.

How to prevent/protect from VPNFilter?

We are not safe outside Ukraine either: this malware can reach any device in any corner of the world. There are several steps we can take to stay safe from it. Check the list of affected routers; if the router you use is on the list, do the following.

  1. Symantec recommends rebooting the router immediately, but this only partially removes the malware.
  2. Update the firmware, if an update is available.
  3. A hard reset will completely remove the threat from the router, but note that it also removes all user-specified configuration of the router.

The above steps work only on a temporary basis, as the router is still vulnerable to the threat. Teams around the world are still trying to find the ‘antidote’ for the ‘poison’.

Please let us know in the comments if you, or any of your family and friends, have been affected by the threat.

Peace Out!
