No, folks, the hacking has not let up.
As I've pointed out, my HomeDaemon-MCP machine has been laughing at state-level style nasties for quite some time, with a few "hall of shame" notes in this column.
Now comes this warning from Talos:
For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor's widespread use of a sophisticated modular malware system we call "VPNFilter." We have not completed our research, but recent events have convinced us that the correct way forward is to now share our findings so that affected parties can take the appropriate action to defend themselves. In particular, the code of this malware overlaps with versions of the BlackEnergy malware — which was responsible for multiple large-scale attacks that targeted devices in Ukraine.
This is exactly why you can't have anything that is potentially vulnerable on the public-facing side of the Internet at your home or office.
Ever.
The list of known problem devices that are being targeted includes a lot of popular WiFi routers, for one, along with NAS devices popular with small and home office users.
I don't think I need to explain why having your office data stash penetrated and stolen is bad, nor why someone getting into your home or small-office WiFi router could easily be catastrophically bad.
The damage that someone can easily do, including spying, theft, alteration of data and similar, if they get inside what you believe is a "secure" perimeter network is typically somewhere between severe and, in the case of a business, literally business-ending catastrophic. Never mind the potential exposure if said party then uses your connection to do something severely criminal. While the common home user is unlikely to get charged, there is the disruption to your life in having the authorities show up; worse, if you're a small business, what happens to your reputation if such a "take-over" is then abused to ship around things like child pornography ought to be enough to keep you up at night.
This sort of problem is not going to go away, and as soon as you allow anything that might matter to you and is on all the time to be behind or in such a "gateway" you are at severe risk. As soon as those "things" have cloud access or, worse, any sort of connection to your home's security and monitoring (e.g. IP cameras), and are on all the time, the potential for damage is compounded dramatically.
Don't believe for a minute that this problem will get "better" if you do nothing and wait -- it will get worse, much worse, since people keep bringing things like "Home assistant" devices with microphones into their houses that are on all the time.
It's one thing if your laptop is at risk through such a problem, since for most people a laptop is only on when they're using it and is powered down the rest of the time. It's quite a different matter when you stick something on that same network that is on 24x7, whether you're home or not, and can act in your absence or while you are asleep.