
Aniar IT Services Blog


Did You Know Your Router Can be Infected?


A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you would expect to be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig into the details of what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers used by both individual users and small businesses, with the intention of persisting even if the device has been rebooted. Most of the devices VPNFilter targets are based in Ukraine, but others have been known to fall victim to it as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

In the first stage, the malware sets itself up so that it will persist even if the device is rebooted or turned off. In the second stage, the malware installs permissions for itself to change router settings, manage files, and execute commands. This allows the malware to essentially brick the router, leading to considerable connectivity problems. The final stage lets the hackers look at the data packets passing to and from the device, and gives them the ability to issue commands and communicate through the Tor web browser.

The FBI recommends resetting your router because the second and third stages are wiped when you do so, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset of your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has released a patch for the vulnerability, you can also install it following the factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on Aniar IT Services’s blog.

Monday, July 23 2018
