On May 23 2018, researchers at Cisco Talos published a report documenting a new sophisticated modular malware system known as VPNFilter.
More than 500,000 devices around the world are said to be infected with this malware – most of them are consumer internet routers from a range of different vendors.
Below is a list of routers Symantec identified as vulnerable to VPNFilter.
Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
QNAP TS439 Pro
Other QNAP NAS devices running QTS software
"No other vendors, including Cisco, have been observed as infected by VPNFilter, but our research continues," according to Cisco Talos, which first reported the bug.
SonicWall researchers are continuing to monitor developments surrounding VPNFilter but have so far confirmed that no SonicWall appliances are impacted by the malware. SonicWall customers are being advised that there is no need to reboot or take any action on any SonicWall appliance.
If you use one of the routers that have been identified as vulnerable to VPNFIlter, we recommend following the directions issued by the manufacturer. The following is a list of security advisories and responses published by the companies impacted to date: