The U.S Department of Homeland security claimed that it was investigating the malware which seems to have targeted devices from Netgear, MikroTik, Linksys, QNAP, and TP-Link. It also went on to advise the users to install security updates.
CISCO Systems Inc. that have been probing this threat for several months claim that they have high confidence that the Russians are behind this campaign, according to Craig Williams who is a CISCO researcher. He quoted the overlay of hacking code along with the malware that was used in the previous cyber-attack which the U.S governments have credited to Moscow.
According to CISCO’s report, Ukraine has suffered the largest amount of infected routers which has led them to believe that they are the target of the expected attack. Ukraine’s state security service (SBU) claimed that commotion showed that Russia was preparing a cyber attack on a large scale before the Champions League soccer final that will be held in Kiev on Saturday.
CISCO, which found out about this campaign months ago, first alerted the authorities in Ukraine and the United States before they went public with its findings.
CISCO also claimed that they do not know what the cyber-criminals have planned and that the malware may be used for espionage or to interfere with Internet communications or to launch a destructive attack similar to NotPetya, according to Craig Williams.
The Kremlin did not respond immediately to a request for a comment but has denied assertions by nations including Western cyber-security firms and the Ukraine.
According to CISCO, “VPNFilter has infected devices in at least 54 countries, but by far the largest number is in Ukraine.”
Netgear representative, Nathan Papadopulos said that the company was looking into the matter.