Researchers from Cisco's Talos cyber intelligence unit have recently discovered more than half a million infected routers and storage devices in dozens of countries. Created by a Russian group of hackers, the devices were compromised with a highly sophisticated IoT botnet malware.
According to the cyber intelligence unit, the botnet malware is tagged as “VPNFilter” and it was created to collect information, manipulate online communications, and carry out destructive cyber-attack operations.
This notorious malware, VPNFilter has already pwned at least 500,000 routers and storage devices in almost 54 nations. Most of the routers and devices are from small and home offices which include routers of some of the renowned companies like Linksys, MikroTik, NETGEAR, and TP-Link.
"VPNFilter has a highly destructive abilityto render an infected device unusable, later which can be used to trigger on the machines of individual victims,”William Largent, a researcher from Talos said in a blog post. “It has also the abilityto shutdown internet access for hundreds of thousands of victims’ systems worldwide."
VPNFilter is believed to be one of the most powerful malware ever created to date. It is a modular malware with capabilities like stealing website credentials and monitoring admin controls. To carry out an entire operation, this nasty malware communicates using Tor network. Hold on! That is not all; the malware even contains a killswitch for routers to willfullykill itself when needed.
So, to secure yourself, it is recommended to factory reset your router to remove the potentially destructive malware, update the firmware of the router and also change the default credentials for your device, ASAP.