VPNFilter

GPTKB entity

Statements (33)
| Predicate | Object |
| --- | --- |
| gptkbp:instanceOf | malware |
| gptkbp:affectsVendor | gptkb:MikroTik |
| | gptkb:Netgear |
| | gptkb:QNAP |
| | gptkb:TP-Link |
| | gptkb:Linksys |
| gptkbp:connectsTo | gptkb:APT28 |
| | gptkb:Fancy_Bear |
| | Russian hacking group Sofacy |
| gptkbp:discoveredBy | gptkb:Cisco_Talos |
| gptkbp:diseaseVector | default credentials |
| | exploiting known vulnerabilities |
| gptkbp:estimatedInfectedDevices | over 500,000 |
| gptkbp:firstReported | 2018 |
| https://www.w3.org/2000/01/rdf-schema#label | VPNFilter |
| gptkbp:maliciousCapability | command and control |
| | data exfiltration |
| | man-in-the-middle attack |
| | device bricking |
| | packet sniffing |
| | persistence after reboot |
| gptkbp:notableBattle | gptkb:2018_Ukraine_router_attack |
| gptkbp:notableFeature | modular architecture |
| | encrypted communication |
| | multi-stage payload |
| | self-destruct capability |
| gptkbp:removes | factory reset |
| | firmware update |
| gptkbp:target | network routers |
| | network-attached storage devices |
| gptkbp:vulnerableTo | gptkb:CVE-2018-14847 |
| gptkbp:bfsParent | gptkb:TA-94 |
| gptkbp:bfsLayer | 5 |