Vpnfilter: the new threat affecting 500,000 routers

Cisco has been in charge of discovering a new attack that they have named VPNFilter. This attack focuses its efforts on attacking network devices such as routers and NAS. It has already been detected in 54 countries worldwide and there are already some 500, 000 routers and NAS devices that have been affected. Although the reality is that the figure could be higher.

VPNFilter: The new threat affecting 500, 000 routers

Cisco defines it as the largest attack of this type so far. The dangerous thing is that the affected devices are used as a botnet to carry out DDoS attacks in a massive way. In addition, they have a kill switch that can render them inoperative or block Internet access.

Cisco discovers new VPNFilter attack

Branded routers like NETGEAR, QNAP or Linksys are among those affected. The country with the most infections so far is Ukraine, where VPNFilter has hit hard in the first weeks of May. It closely resembles BlackEnergy, which was attributed to Russia. So many think that this new attack also comes from the country.

This new attack by Russia is believed to be aimed at interfering with Ukraine's network, seeking to saturate the country's service network. It would not be the first time that the country has launched attacks of this type. Cisco claims that this would allow Russia to do whatever it wants if they manage to attack its networks. Ukraine believes they want to launch a full-scale attack to coincide with the Champions League final.

Router manufacturers already have a patch available to protect them against VPNFilter. So it is a matter of time before it reaches the devices. At the moment, the origin of the attack is still being investigated. We will know more soon.

The Hacker News Font