094 90 48200     Get SUPPORT

Aniar IT Services Blog

Did You Know Your Router Can be Infected?

Did You Know Your Router Can be Infected?

A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you think would be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig in to the details about what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers for both individual users and small businesses with the intention of persisting even if the device has been rebooted. VPNFilter targets devices that are Ukraine-based most of the time, but others have been known to fall victim to this as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

The first is that the malware sets itself up so that it will persist even if the device is rebooted or turned off. The second stage of the attack consists of the malware installing permissions for itself to change router settings, manage files, and execute commands. This allows the router to essentially brick itself, leading to considerable connectivity problems. The final stage of this malware lets the hackers look at the data packets passing to and from the device, as well as the ability to issue commands and communicate through the Tor web browser.

The reason why the FBI recommends resetting your router is because the second and third steps are wiped when you do so, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset for your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has administered a patch for the vulnerability, you can also install it following a factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on Aniar IT Services’s blog.

Know Your Tech: CMS
How to Be Selective when Picking a Backup Solution
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, November 18 2018

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Tech Term Google Data Backup User Tips Cloud Business Computing Email Network Security Innovation Hardware Microsoft Data Recovery Data Hackers Malware Internet VoIP Browser Business Mobile Devices Android Cloud Computing Communication Managed IT Services Workplace Tips Communications Chrome How To Backup Network Smartphones Internet of Things IT Services Windows 10 Small Business Artificial Intelligence Smartphone Computers Information Saving Money Windows Collaboration Business Management Cybercrime IT Support Computer Software Applications BDR Cybersecurity Outsourced IT Data Security Business Continuity Office 365 Server Miscellaneous Hosted Solutions Efficiency Data Protection Spam Mobile Device Management Vulnerability Word Two-factor Authentication Ransomware Router Productivity Connectivity Passwords Money Facebook Gadgets Virtualization Content Management Keyboard Unsupported Software VPN Password Data Storage Website Windows 7 Virtual Assistant Managed IT services Blockchain Upgrade Redundancy Social Media Managed Service Spam Blocking Telephone Systems Save Money Social Engineering Paperless Office Avoiding Downtime Bring Your Own Device Operating System Identity Theft IT Management Phishing App Telephone System Comparison BYOD Law Enforcement Sports CES Apps Scam Remote Monitoring Managed IT Fraud IT Plan Encryption OneNote Infrastructure Business Intelligence Settings Microsoft Office Update Safe Mode Cache Smart Office HBO Practices Big Data Networking eWaste Thought Leadership Remote Worker Botnet Telecommuting Public Cloud Amazon Bandwidth Disaster Recovery Staff Microchip Computer Care Hosted Computing Skype Data loss Wireless Internet Document Management Camera Outlook Government Computer Fan Charger Enterprise Content Management Voice over Internet Protocol Legal Automation Wiring Travel Remote Work Amazon Web Services Software Tips Accountants Password Manager Nanotechnology Tools Work/Life Balance Search Engine Patch Management FENG Wireless Charging Inventory Start Menu Cortana Alert HIPAA USB Frequently Asked Questions Recovery Password Management Sync Multi-Factor Security Criminal Firewall Holiday WiFi Business Mangement Smart Tech MSP Millennials Digital Signature Servers Bing Google Apps Mobile Device Electronic Medical Records Wire Entertainment Wi-Fi Warranty Excel NIST Meetings Addiction Unified Threat Management Solid State Drive Online Shopping Flash Google Docs Downtime Gmail File Sharing Value Workforce Windows 10s Credit Cards Google Drive PDF HVAC Augmented Reality Help Desk Workers Access Control Specifications Screen Mirroring Data Management Machine Learning Printer Tip of the week Cryptocurrency Telephony Trending Employer-Employee Relationship Mobile Computing Audit Evernote Physical Security Cleaning HaaS Root Cause Analysis Recycling Devices Training Private Cloud The Internet of Things Authentication Cast Human Resources YouTube Mouse Windows Server 2008 Customer Relationship Management Competition Quick Tips Hard Drives IP Address Search Users Emergency Company Culture Customer Service Mobile Office CrashOverride Domains Managing Stress Wireless Printers Windows 10 Twitter Managed Service Provider Public Speaking Presentation Hiring/Firing Lithium-ion battery Fun Tech Support Compliance Wireless Technology 5G IBM Safety Software as a Service Marketing Hacker Productivity Budget Regulation