The Patriot Files Forums  

06-06-2018, 10:04 AM
Boats

Experts warn massive malware network linked to Russia is more widespread
BY OLIVIA BEAVERS - 06/06/18 11:55 AM EDT
RE: http://thehill.com/policy/cybersecur...ore-widespread

Cybersecurity experts are warning that a sophisticated Russia-linked hacking campaign has infected more devices than previously reported.

Experts at Cisco’s threat intelligence arm Talos said their new findings reveal that the dangerous malware, dubbed VPNFilter, has not only compromised more routers in small or home offices, but it also has more capabilities than they had initially found.

"We have seen that VPNFilter is targeting more makes/models of devices than initially thought, and has additional capabilities, including the ability to deliver exploits to endpoints," according to a Wednesday Talos blog post.

The hackers are targeting additional home network vendors like ASUS, D-Link, Huawei, Ubiquiti, UPVEL and ZTE, the cyber firm says.

Talos had reported last month that the botnet — a network of infected devices — had compromised Linksys, MikroTik, Netgear, and TP-Link, estimating that VPNFilter had affected 500,000 devices in 54 countries. The latest report, however, notes that new devices were also discovered on these initially reported routers.

The firm also said it discovered that the malware can "intercept network traffic and inject malicious code into it without the user's knowledge."

"With this new finding, we can confirm that the threat goes beyond what the actor could do on the network device itself, and extends the threat into the networks that a compromised network device supports," the blog reads.

The Talos experts first warned about VPNFilter last month, noting that their research is ongoing but they are releasing their findings early in the hopes that affected parties can begin taking steps to protect themselves.

Talos's first report came just days before the FBI issued a formal warning about VPNFilter, advising owners to reboot these devices in an attempt to disrupt the malicious software.

"The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices," the bureau's cyber division wrote in a public alert.

Officials explicitly linked the botnet to the cyber espionage group known as APT 28, or Sofacy, believed to be connected to the Russian government. VPNFilter has code that overlaps with BlackEnergy, malware the Department of Homeland Security has already attributed to Russia, the firm found.

Talos warned that the botnet is increasingly attacking victims in Ukraine, infecting thousands of devices ahead of an upcoming national holiday in the country.

"While this isn't definitive by any means, we have also observed VPNFilter, a potentially destructive malware, actively infecting Ukrainian hosts at an alarming rate, utilizing a command and control infrastructure dedicated to that country," Talos wrote in a blog post last month.

The firm warned that VPNFilter could wreak havoc in a number of ways, from stealing website credentials to causing widespread internet disruption.

"The malware has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide."
__________________
Boats

O Almighty Lord God, who neither slumberest nor sleepest; Protect and assist, we beseech thee, all those who at home or abroad, by land, by sea, or in the air, are serving this country, that they, being armed with thy defence, may be preserved evermore in all perils; and being filled with wisdom and girded with strength, may do their duty to thy honour and glory; through Jesus Christ our Lord. Amen.

"IN GOD WE TRUST"
All times are GMT -7.