Talos recently published a blog about a broad campaign delivered VPNFilter to small home-office network devices, as well as network-attached storage devices. In the days since we first published our findings on the campaign, we have seen that VPNFilter is targeting more makes/models of devices than initially thought. We have also discovered a new stage 3 module that injects malicious content into web traffic as it passes through a network device. We provide technical details on this module, named “ssler,” below.”]
Source: https://blog.talosintelligence.com/2018/06/vpnfilter-update.html

