TTCSIRT-124.052518: TT-CSIRT Advisory – Malware Security Updates
Talos has reported that a sophisticated modular malware system known as VPNFilter has a destructive capability that can make the affected device unusable.
Devices known to be affected by VPNFilter include Linksys, MikroTik, NETGEAR, and TP-Link networking equipment as well as QNAP network-attached storage (NAS) devices. In addition, compromised devices may be vulnerable to the collection of network traffic (including website credentials) as well as the monitoring of Modbus supervisory control and data acquisition (SCADA) protocols.
Because the malware can be triggered to affect devices individually or together, VPNFilter has the potential to cut off internet access for hundreds of thousands of users.
|Further information on this malware can be found on the Talos Website at https://blog.talosintelligence.com/2018/05/VPNFilter.html