VPNFilter malware targets networking devices worldwide
The malware is capable of file collection, command execution, data exfiltration, device management, theft of website credentials, monitoring of Modbus SCADA protocols and self destruct. The self destruct function can damage the router.
Researchers of Cisco Talos Intelligence have discovered an advanced malware infecting consumer grade routers worldwide. The malware has advanced capabilities for performing large scale attacks as well as intercepting and exfiltrating local traffic. List of affected router models can be found on the Talos Intelligence blog, please not that this list may still be incomplete.
Perform a factory reset and reconfigure the device.
Upgrade the firmware as soon as updates are available.
Due to the potential for destructive action by the threat actor, we recommend that these actions be taken for all SOHO or NAS devices, whether or not they are known to be affected by this threat.
1.0 Initial document
1.1 Update to vendors affected