A newly discovered network of hacked routers and storage devices could be used to launch a massive cyberattack or overthrow hundreds of thousands of Internet users offline,
and authorities in the US and Ukraine warned on Wednesday
An attack could be up to the last game of the UEFA Champions League football on Saturday in Kiev According to security researchers and Ukrainian authorities
more than half a million devices in 54 countries are infected with sophisticated software called VPNFilter, which can install other software or even internal changes that render the devices unusable
A Security Researcher at Cisco
The network had grown quietly since 201
The Ukrainian authorities say they believe this could be a harbinger of a cyber attack by Russia on the Champions League final
A representative of the Ukrainian Consulate in Washington, DC, did not respond to requests for further comments.
Ukraine has blamed Russia for a wave of disruptive cyber-attacks that have brought electricity to a standstill and hacked computers across the country the last three years. Ukraine was the main target of the Petya computer virus last year, cybersecurity researchers believe, an attack on the eve of a national holiday to pass the Constitution of Ukraine
Earlier this year, authorities in the United States and Britain blamed Russia for the Petya outbreak. Russia has called the allegations "groundless".
Based on the code used by VPNFilter hackers and the fact that recent infections have focused on Ukrainian targets, Cisco believes the new network may be related to the previous incidents. it's far from 100 percent safe, "said Mr. Williams.
It's unclear what's coming next, researchers and authorities say.But VPNFilter has the ability to install software that shares sensitive information from the network like passwords or even Stealing data from power plants or factory computers, said Williams.
Those who built the network could launch a new virus like Petya, attack power plants, or disrupt computer systems related to the upcoming Champions League game, Williams said after a cyber attack the developers cover their steps by wiping out the infected device's software and effectively leaving hundreds of thousands of people without Internet access.
"The reality is that this attacker has limitless possibilities," according to Mr. Williams
the VPNFilter malware detected certain Linksys routers built by Belkin International Inc., as well as some, the of
SIA Mikrotīkls (MikroTik) and TP-Link Technologies Co. and some memory devices built by QNAP Systems, Inc.
Many of these devices " We can handle known known attacks or standard administrative passwords, "Williams said.
Netgear and TP-Link released a security report on Wednesday stating that companies are investigating VPNFilter malware. They advised users to update the software of their routers and to avoid using the default passwords.
The other device manufacturers did not immediately respond to requests for comments.
The US Department of Homeland Security issued a warning on VPNFilter on Wednesday, saying that the software "has the potential to block Internet access for hundreds of thousands of users."
After years of focusing on personal computers, hackers have increasingly turned to the Internet of Things – routers and storage devices, VCRs, and other Internet-connected devices – which typically do not run antivirus software and are often accessible with standard usernames and passwords.
In 2016, a network of about 300,000 such infected devices caused a widespread Internet failure to the US through a massive online attack against an Internet service provider.
Please contact Robert McMillan at Robert.Mcmillan@wsj.com