In late May 2018, security researchers announced that specific consumer-grade electronic devices had been infected by a type of malware referred to as VPNFilter. Only a couple of days after this information was disclosed, several agencies of the United States Government issued a warning to users of these compromised devices, strongly advising them of specific steps to take immediately to protect themselves from potential damage. A highly sophisticated group of foreign cyber actors was linked to this malware attack.
Cisco’s Talos security team identified the malware and reported that it had infected over half a million devices produced by a handful of different manufacturers. The malware specifically attacked Small Office/Home Office (SOHO) routers and Network Attached Storage (NAS) devices. By utilizing the VPNFilter malware, the hackers were able to intercept, collect, and modify network traffic and launch various attacks; they also possessed the capability to destroy devices by merely issuing a single command.
This podcast examines the VPNFilter Router Attack malware’s multi-stage, modular platform. The scale and capabilities, as well as the impact of the VPNFilter Router Attack malware, are also considered.