Having infected about a million routers around the world, the VPNFilter virus was even more dangerous than initially thought. Cisco Talos security experts learned that this malware could not only disable devices but also bypass SSL encryption, turning secure Web requests into regular HTTP. This significantly expands the capabilities of intruders, making the threat much more severe.

The virus VPNFilter that hit the world turned out to be more dangerous than it was thought

Bypassing SSL encryption allows a virus to intercept outgoing Web requests by converting them to unprotected ones with the HTTP protocol. Due to this, attackers can steal accounts, passwords, and other confidential information. Moreover, the virus is also able to embed and other malicious JavaScript code into websites when they visit and various devices that are on the same local network with the router. In other words, from a router, the virus can move to computers and any smart equipment.



In addition to discovering new opportunities for the virus, experts also found that far more devices are vulnerable to it than previously reported. At the moment, we know that VPNFilter attacks Linksys routers, MikroTik, Netgear, QNAP, TP-Link, ASUS, D-Link, Huawei, Ubiquiti, Upvel, and ZTE. The most significant number of infected devices.

As protection against virus experts recommend that you reboot the network equipment or upgrade to the latest firmware from the manufacturer. For example, MikroTik and Netgear have already released patches with protection from VPNFilter.