094 90 48200     Get SUPPORT

Aniar IT Services Blog

Did You Know Your Router Can be Infected?

Did You Know Your Router Can be Infected?

A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you think would be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig in to the details about what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers for both individual users and small businesses with the intention of persisting even if the device has been rebooted. VPNFilter targets devices that are Ukraine-based most of the time, but others have been known to fall victim to this as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

The first is that the malware sets itself up so that it will persist even if the device is rebooted or turned off. The second stage of the attack consists of the malware installing permissions for itself to change router settings, manage files, and execute commands. This allows the router to essentially brick itself, leading to considerable connectivity problems. The final stage of this malware lets the hackers look at the data packets passing to and from the device, as well as the ability to issue commands and communicate through the Tor web browser.

The reason why the FBI recommends resetting your router is because the second and third steps are wiped when you do so, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset for your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has administered a patch for the vulnerability, you can also install it following a factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on Aniar IT Services’s blog.

Know Your Tech: CMS
How to Be Selective when Picking a Backup Solution
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, September 26 2018

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Tech Term Google Email Cloud Business Computing Microsoft Network Security Hackers Innovation Data Backup Malware Internet VoIP Mobile Devices Android Data User Tips Data Recovery Cloud Computing Hardware Artificial Intelligence Communication Small Business Managed IT Services How To Backup Smartphones Internet of Things Applications Cybersecurity IT Services Windows 10 Smartphone Communications Software Browser Computers Chrome Saving Money Windows Cybercrime Network Collaboration Connectivity Money Business Management Two-factor Authentication IT Support BDR Passwords Outsourced IT Facebook Gadgets Data Security Workplace Tips Office 365 Data Protection Hosted Solutions Efficiency Word Business Ransomware Spam Router Mobile Device Management Vulnerability Law Enforcement Operating System IT Management Sports Managed Service App Paperless Office Managed IT CES Save Money BYOD Computer Business Intelligence Update Encryption Infrastructure Apps Content Management Business Continuity IT Plan Windows 7 VPN Remote Monitoring Managed IT services Password Settings Microsoft Office OneNote Virtualization Blockchain Redundancy Unsupported Software Telephone Systems Social Engineering Data Storage Website Server Avoiding Downtime Miscellaneous Phishing Upgrade Comparison Social Media Spam Blocking Identity Theft Information Virtual Assistant Bring Your Own Device Specifications Gmail Enterprise Content Management Tip of the week Credit Cards PDF Wiring Workers Access Control Wi-Fi Data Management Telephony Trending Cleaning Meetings Solid State Drive HaaS Scam Evernote Recycling Devices Password Management Windows 10s Google Drive Windows Server 2008 Augmented Reality Fraud Firewall Downtime Authentication Servers Screen Mirroring HBO Human Resources MSP Keyboard Practices Entertainment Employer-Employee Relationship Botnet Telecommuting Cache Telephone System Audit Physical Security Root Cause Analysis Disaster Recovery eWaste Thought Leadership NIST Private Cloud Computer Care The Internet of Things Amazon Unified Threat Management Skype Bandwidth HVAC Cast Outlook Government Staff File Sharing Charger Hosted Computing Machine Learning Travel Remote Work Wireless Internet Voice over Internet Protocol Mobile Computing Tools Work/Life Balance Legal Automation Cryptocurrency Public Cloud Patch Management Big Data Amazon Web Services Accountants Start Menu Password Manager Nanotechnology Frequently Asked Questions Recovery Training Wireless Charging Inventory YouTube Data loss HIPAA USB Computer Fan Sync Multi-Factor Security Smart Office Millennials Criminal Safe Mode Software Tips Holiday Business Mangement Smart Tech Networking Excel Digital Signature Remote Worker Google Apps Mobile Device Cortana Alert Electronic Medical Records Wire FENG Document Management Camera Value Workforce Addiction Flash Google Docs Online Shopping Productivity Public Speaking Managed Service Provider Managing Stress Presentation Printers Hiring/Firing Lithium-ion battery Tech Support Wireless Technology 5G Fun Safety IBM Emergency Marketing Hacker Productivity Budget Competition Compliance Customer Relationship Management Hard Drives IP Address Users Search Regulation Customer Service Quick Tips Mobile Office Twitter WiFi Domains CrashOverride Company Culture Wireless Windows 10