253.777.0763    Get SUPPORT

Did You Know Your Router Can be Infected?

Did You Know Your Router Can be Infected?

A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you think would be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig in to the details about what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers for both individual users and small businesses with the intention of persisting even if the device has been rebooted. VPNFilter targets devices that are Ukraine-based most of the time, but others have been known to fall victim to this as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

The first is that the malware sets itself up so that it will persist even if the device is rebooted or turned off. The second stage of the attack consists of the malware installing permissions for itself to change router settings, manage files, and execute commands. This allows the router to essentially brick itself, leading to considerable connectivity problems. The final stage of this malware lets the hackers look at the data packets passing to and from the device, as well as the ability to issue commands and communicate through the Tor web browser.

The reason why the FBI recommends resetting your router is because the second and third steps are wiped when you do so, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset for your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has administered a patch for the vulnerability, you can also install it following a factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on Graemouse Technologies’s blog.

Know Your Tech: CMS
How to Be Selective when Picking a Backup Solution
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, November 18 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Smart Tech Website Camera Settings Google Hackers Authentication Content Management Gadgets Unsupported Software Law Enforcement Windows 10 Spam File Sharing Alert Applications Cloud OneNote Skype Windows 7 Malware Computer Care Best Practices Saving Money Bring Your Own Device Microchip Apps Cybercrime Computer Password Management Hardware Internet of Things Voice over Internet Protocol Password Screen Mirroring IT Management Telephone System MSP Update Outlook Data Backup Cortana Practices IT Services Augmented Reality How To User Tips Spam Blocking Comparison Network Security Artificial Intelligence Efficiency Innovation Telecommuting Business Continuity Infrastructure Cybersecurity Server NIST Tip of the Week Communications Samsung WiFi Workforce User Error Training Outsourced IT Computers Telephone Systems Miscellaneous Trending Social Engineering Office 365 Google Drive Data Recovery IT Plan Backup Networking Remote Work Microsoft Office Data Servers Scam Gmail Managed IT Services Managing Stress Two-factor Authentication Google Apps Ransomware Facebook Privacy Technology Redundancy Botnet Passwords Telephony Digital Signature Net Neutrality Smartphone Tip of the week Administrator Remote Monitoring Audit Word Small Business Company Culture Wi-Fi Public Cloud VPN BDR Social Media Blockchain Managed Service Provider Email Browser Advertising Smart Office Amazon Web Services Operating System Nanotechnology Collaboration Automation YouTube Smartphones Encryption Upgrade Electronic Medical Records Windows Server 2008 Microsoft Managed Service Cloud Computing IT Consultant Flexibility Business Computing Paperless Office Twitter Data Protection Leadership Government BYOD Virtualization Business Management App Solid State Drive Data loss Android Security Online Shopping Mobile Device Management Data Storage Emails Router Health Identity Theft Managed IT Workplace Tips Managed IT Services Phishing Save Money Software Office VoIP Internet Tech Term Connectivity Money Employer-Employee Relationship Avoiding Downtime Quick Tips Communication Network Recycling Virtual Assistant IT Support Mobile Device Information Bandwidth Addiction Windows 10 Hosted Solutions HBO Productivity Hiring/Firing Fraud Chrome Business Keyboard Windows CES Vulnerability Mobile Devices Recovery eWaste Business Intelligence Data Security Supercomputer Workers Private Cloud Sports Data Breach

Newsletter Sign Up