Routers from ASUS, D-Link, Huawei, Ubiquiti, UPVEL, ZTE., Linksys, MikroTik, Netgear, and TP-Link are vulnerable to the the VPNFilter Malware, thought to have originated in Russia.
At least a million routers infected
According to security researchers, significantly more routers have been infected by VPNFilter than first thought. Malaysians are very vulnerable because local ISPs use many of the brands listed, and few users update firmware regularly.
IoT Botnet
IoT devices which Routers are included in, along with IP Cameras, and other smarthome devices, run cut down operating systems with limited resources, often meaning security features that exist on full blown PCs and Servers are often overlooked. And because they generally don’t have a simple way to communicate to the user that an update is required they are often forgotten about or ignored.
A Botnet is a large number of computers, full blown or IoT, which have been infected and await instructions, often used for DDOS (Distributed Denial Of Service) attacks, they become devices for hire to cause harm to the businesses of those targeted.
Man in the middle attacks
As routers are infected by VPNFilter, and all internet traffic will pass through them, they are in a powerful position to manipulate the data going to or from the internet. Redirecting requests to fake sites (e.g. banking), which capture user details.
the FBI is recommending users reboot their routers, update to the latest version of the firmware and to be on the lookout for unusual activity when accessing the internet.