VPNFilter, a malware with a router kill switch, when activated remotely.

wkleem
wkleem
Community Member
edited May 2018 in Lounge

I have been reading about this particular malware which infected a half million routers worldwide and can survive a router reset. It is widely reported. Check your routers for updates.

Cisco's Talos Intelligence and Kaspersky has the analysis.

https://blog.talosintelligence.com/2018/05/VPNFilter.html

https://securelist.com/vpnfilter-exif-to-c2-mechanism-analysed/85721/

Comments

  • AGAlumB
    AGAlumB
    1Password Alumni

    Indeed, that's really amazing stuff, especially how they're hiding information in EXIF metadata. It looks like, mercifully, only a small number of Linux-based routers and NAS are affected so far.

This discussion has been closed.