nanog mailing list archives

VPN Filter: botnet of routers


From: "Scott Weeks" <surfer () mauigateway com>
Date: Wed, 23 May 2018 19:04:05 -0700



Kaboom!

https://www.thedailybeast.com/exclusive-fbi-seizes-control-of-russian-botnet

"FBI agents armed with a court order have seized control of a 
key server in the Kremlin’s global botnet of 500,000 hacked 
routers..."

"The FBI counter-operation goes after “VPN Filter,” a piece of 
sophisticated malware linked to the same Russian hacking group, 
known as Fancy Bear, that breached the Democratic National 
Committee and the Hillary Clinton campaign during the 2016 
election."


https://blog.talosintelligence.com/2018/05/VPNFilter.html

"The known devices affected by VPNFilter are Linksys, MikroTik, 
NETGEAR and TP-Link networking equipment in the small and home 
office (SOHO) space, as well as QNAP network-attached storage 
(NAS) devices. No other vendors, including Cisco, have been 
observed as infected by VPNFilter, but our research continues. 
The behavior of this malware on networking equipment is 
particularly concerning, as components of the VPNFilter malware 
allow for theft of website credentials and monitoring of Modbus 
SCADA protocols."


scott


