
Graemouse Technologies Blog

Did You Know Your Router Can be Infected?


A new type of malware is targeting routers, in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you would think is vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig into the details of what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers used by both individual users and small businesses, with the intention of persisting even after the device has been rebooted. Most of the devices VPNFilter targets are based in Ukraine, but others have been known to fall victim as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

In the first stage, the malware sets itself up so that it will persist even if the device is rebooted or turned off. In the second stage, the malware installs permissions for itself to change router settings, manage files, and execute commands. This makes it possible for the router to essentially be bricked, leading to considerable connectivity problems. The final stage lets the hackers look at the data packets passing to and from the device, and gives them the ability to issue commands and communicate through the Tor web browser.

The FBI recommends resetting your router because doing so wipes the second and third stages, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset of your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has released a patch for the vulnerability, you can also install it following a factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on Graemouse Technologies’s blog.

Friday, February 22 2019
