In response to news today that the FBI seized the domain behind the major Russian botnet believed to be poised for an attack on the Ukraine and incorporating “VPNFilter” malware, a Corero Network Security expert offers perspective on why the botnet remains a significant cause for concern. Sean Newman, Director Product Management at Corero Network Security commented below.
Sean Newman, Director Product Management at Corero Network Security:
“Reports of the latest IoT botnet, based on malware now known as “VPN Filter”, shows a level of complexity which expands upon many of the techniques originally demonstrated in the Mirai botnet.
“The worrying thing here is that the increased level of sophistication includes the ability to retain a presence on infected devices across reboots, and leverages multiple vulnerabilities to gain its foothold, which has led to this reportedly being the largest IoT botnet seen to date, with half a million devices.
Combine this scale and sophistication with an ability to arm the bot with different tools, depending on the type of attack being planned, which could well include DDoS, then this is advancement should be taken very seriously, even if authorities have had successes in disarming this particular instance of the botnet.”
