500,000 internet routers may be infected with destructive malware, experts say
An estimated 500,000 routers from different makers were discovered to be infected with potentially destructive malware, according to cybersecurity researchers.
The experts observed the modular malware system called “VPNFilter” seeded in small office/home office (SOHO) routers made by Cisco, Netgear, Linksys, MikroTik and TP-Link. They also found the malware in network-attached storage (NAS) devices made by QNAP, as reported by the Cisco Talos Security Intelligence and Research Group (Talos) on May 23.
Attackers could potentially use VPNFilter to gather information from infected machines or launch aggressive and deadly attacks which could destroy systems or devices.
The routers infected by VPNFilter came from 54 countries, according to the report. They believe the spread of infection had been slowly building up since 2016. Meanwhile, the researchers observed that the rate of cyber attacks increased in the past few weeks. Two of these were major attacks targeting devices in Ukraine.
The researchers suggested for users to reboot their routers as an immediate countermeasure to cyberattack through VPNFilter.
The report did not specify any country as the perpetrator of the cyber attacks, but suggested nation-states could use VPNFilter to target rival countries covertly.
The cybersecurity researchers provided a list of particular devices within the technical report, which they believe are vulnerable to VPNFilter attacks. Some of the models included are the Netgear WNR2000, Linksys E1200, and QNAP TS251.
Cybersecurity experts continue to monitor the VPNFilter infection as they try to develop more effective countermeasures to keep customer devices protected. JB
Subscribe to INQUIRER PLUS to get access to The Philippine Daily Inquirer & other 70+ titles, share up to 5 gadgets, listen to the news, download as early as 4am & share articles on social media. Call 896 6000.