Today we get far more details about the VPNFilter malware and it's way more serious:
https://arstechnica.com/information-technology/2018/06/vpnfilter-malware-infecting-50000-devices-is-worse-than-we-thought/
My main takeaways, to be instantly corrected by some here who have more knowledge, if I make any main blunders:
1. This is not the work of script kiddies or even major Russian mafia; this is highly sophisticated, state-sponsored, low-level outright warfare and Putin ain't gonna stop til there is serious pushback.
2. It's a vector against hardware that has always been a security joke. As I mentioned in another post, most consumer routers use chipsets from just 2 sources; none of the brands you know/purchase are made by companies with the technical knowledge to really design this equipment. They tinker at the edges with the hardware and software provided in the prototype designs provided by the chipset designers. This means attacks are usually applicable to most brands/models.
3. We still have no way of ascertaining if you have been infected at Level 1 and the subsequent infections are now known to be able to cover their tracks almost perfectly.
4. It will take most of a year til new routers, using new chipsets that make at least a decent attempt to avoid such hacking, appear, so running out and buying something new, unless it's considerably more elaborate/expensive than the average consumer device, is probably pointless atm.