VPN Filter: botnet of routers



"FBI agents armed with a court order have seized control of a
key server in the Kremlin’s global botnet of 500,000 hacked

"The FBI counter-operation goes after “VPN Filter,” a piece of
sophisticated malware linked to the same Russian hacking group,
known as Fancy Bear, that breached the Democratic National
Committee and the Hillary Clinton campaign during the 2016


"The known devices affected by VPNFilter are Linksys, MikroTik,
NETGEAR and TP-Link networking equipment in the small and home
office (SOHO) space, as well at QNAP network-attached storage
(NAS) devices. No other vendors, including Cisco, have been
observed as infected by VPNFilter, but our research continues.
The behavior of this malware on networking equipment is
particularly concerning, as components of the VPNFilter malware
allows for theft of website credentials and monitoring of Modbus
SCADA protocols."