Threat Intelligence Report: VPNFilter

We have been made aware of a new type of malware. The exploit, called VPNFilter, can be used to render an infected device inoperable by deleting the files necessary for normal operation. VPNFilter is a multi-platform and multi-phase exploit, it has a diverse range of capabilities which include credentials stealing and traffic injection. Read the full report to find out more.

Name of Exploit

VPNFilter

Type of Exploit

Malware, credential theft, exfiltration of data (specifically documents), credit card credential capture

How Exploit is Spread

The malware is spread via email attachments that contain a word, excel or pdf document with malicious macros embedded within that downloads payload.

Global Risk

Low – the strain of Malware has only been observed attacking specific mail lists. The details of the mailing list are set for a very narrow set of companies, specifically within the following industries: Marketing/Advertising/Public Relations and Retail industries.

Download the full report

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s