Menu
Asus, D-Link and Huawei devices also targeted in global malware campaign

Asus, D-Link and Huawei devices also targeted in global malware campaign

Six other vendors have been targeted in the malware attack that infected 500,000 devices

Cisco cyber intelligence unit Talos has found that the actor behind the global VPNFilter malware campaign also targeted Asus, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE devices.

On 23 May, Talos warned that hackers had infected at least 500,000 networking devices in 54 countries. At the time, the known affected vendors were Linksys, MikroTik, Netgear and TP-Link.

Small and home office (SOHO) and QNAP network-attached storage (NAS) devices were the targeted devices.

Now Talos believes the actor, which it claims is likely state-sponsored or state-affiliated, has also targeted the devices of six additional vendors, including Asus, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE.

"The list of makes and models at risk is getting longer. We'd urge users to check to see if their device is being targeted by this bad actor, and take the recommended steps to protect themselves," Cisco Talos outreach leader Craig Williams said.

Since its preliminary findings, Talos has now found there is a way for the attacker to inject malicious content into web traffic as it passes through network device without the user's knowledge. 

This is done through a new stage 3 module that allows the actor to deliver exploits to endpoints via a man-in-the-middle capability. In other words, the hacker intercept network traffic and inject malicious code into it without the user's knowledge.

Talos has also discovered an additional stage 3 module that provides any stage 2 module that lacks the kill command the capability to disable the device. When executed, this module specifically removes traces of the VPNFilter malware from the device and then renders the device unusable.

According to Talos, this makes it clear that the VPNFilter threat was meant to leverage the victim's devices in a much bigger way.

"The technical sophistication of this attack is like nothing we've ever seen before. The bad guys continue to innovate and iterate using a modular approach. Our research into this show they can deliver threats to the endpoint and network. Once you can inject code you can quite literally do anything- steal passwords, install software…"  Cisco Talos vice president Matt Watchinski said.

Cisco Talos said in a statement that the VPNFilter attack is more significant than originally thought but reaffirms that the attack did not compromise enterprise-grade routers, including all Cisco routers and switches.



Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwareD-LinkLinksysnetgearHuaweiasusTP-LinkZTEUbiquitiVPNFilterMikroTikUPVELCisco Talos

Featured

Slideshows

Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomed 2018 inductees - Chris Simpson, Kendra Ross and Phill Patton - to the third running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing landscape of the technology industry in New Zealand, while outlining ways to attract a new breed of players to the ecosystem. Photos by Gino Demeer.

Reseller News welcomes industry figures for 2019 Hall of Fame lunch
Upcoming tech talent share insights at inaugural Emerging Leaders Forum 2019

Upcoming tech talent share insights at inaugural Emerging Leaders Forum 2019

The channel came together for the inaugural Reseller News Emerging Leaders Forum in New Zealand, created to provide a program that identifies, educates and showcases the upcoming talent of the ICT industry. Hosted as a half day event, attendees heard from industry champions as keynoters and panelists talked about future opportunities and leadership paths and joined mentoring sessions with members of the ICT industry Hall of Fame. The forum concluded with 30 Under 30 Tech Awards across areas of Sales, Entrepreneur, Marketing, Management, Technical and Human Resources. Photos by Gino Demeer.

Upcoming tech talent share insights at inaugural Emerging Leaders Forum 2019
Show Comments