Infracore LLC Blog

Did You Know Your Router Can be Infected?

Did You Know Your Router Can be Infected?

A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you think would be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig in to the details about what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers for both individual users and small businesses with the intention of persisting even if the device has been rebooted. VPNFilter targets devices that are Ukraine-based most of the time, but others have been known to fall victim to this as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

The first is that the malware sets itself up so that it will persist even if the device is rebooted or turned off. The second stage of the attack consists of the malware installing permissions for itself to change router settings, manage files, and execute commands. This allows the router to essentially brick itself, leading to considerable connectivity problems. The final stage of this malware lets the hackers look at the data packets passing to and from the device, as well as the ability to issue commands and communicate through the Tor web browser.

The reason why the FBI recommends resetting your router is because the second and third steps are wiped when you do so, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset for your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has administered a patch for the vulnerability, you can also install it following a factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on Infracore LLC’s blog.

Know Your Tech: CMS
How to Be Selective when Picking a Backup Solution
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, December 13 2018

Captcha Image

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Cloud Google Network Security Business computing Microsoft Hackers Malware Hosted Solutions Data Innovation Software User Tips Internet Hardware Business Backup Tech Term Smartphones Data Backup Browser Business Continuity Email Windows 10 Computer Android Mobile Devices VoIP Alert Workplace Tips Communications Small Business Data Recovery Business Management IT Services Smartphone Cloud Computing Outsourced IT Productivity Managed IT Services Computers Disaster Recovery Chrome Miscellaneous Ransomware Managed IT Services Office Efficiency Law Enforcement Network Artificial Intelligence Communication Cybercrime Social Media Facebook Virtualization How To Windows Telephone Systems Internet of Things Collaboration Cybersecurity IT Support Router Productivity Money Office 365 Passwords Windows 10 Password Applications Gadgets Social Engineering Information Holiday Work/Life Balance Google Drive Server Saving Money Word Quick Tips Upgrade App Spam Health Bring Your Own Device Connectivity Mobile Device Management Save Money Private Cloud Mobile Device Apps Keyboard Phishing HaaS Managed Service BDR Office Tips Automation Data Security IT Support Scam Data Breach Microsoft Office Data Protection Hacking Voice over Internet Protocol Vulnerability Wi-Fi Two-factor Authentication Infrastructure Encryption Entertainment Managed Service Provider Data Management OneNote USB Value Government Redundancy IT Management Firewall Networking Servers Avoiding Downtime Paperless Office VPN Spam Blocking Marketing Human Resources Public Cloud Employer-Employee Relationship Charger Google Docs IT Plan Fraud Patch Management Battery Operating System Comparison Virtual Assistant Cleaning Website CES Unsupported Software End of Support Worker Remote Computing Remote Monitoring History Big Data Managed IT Sports Telephone System Flexibility Telephony Computer Care Content Management Windows 7 Software as a Service Legal Business Intelligence Settings PDF Mobility Automobile Samsung Blockchain BYOD Electronic Medical Records Training Update Data Storage Bandwidth Identity Theft Best Practice Cache Meetings Travel Television Document Management Microchip Millennials Frequently Asked Questions Computer Accessories Evernote Start Menu Monitor Multi-Factor Security HIPAA Leadership Cryptocurrency Audit Vendor Management Remote Worker WiFi Information Technology Criminal Credit Cards Techology Inventory Users Password Manager Content Emergency Public Computer Search Engine Workforce Excel Bluetooth Wireless Charging Devices Troubleshooting Tools Loyalty Wireless Internet Warranty Trending Search IT solutions Physical Security Save Time Safe Mode Access Control Virtual Reality Computer Fan Sync Wiring Instant Messaging Humor Smart Technology Internet Exlporer Current Events HVAC Business Mangement Video Games Audiobook Data loss Files Machine Learning Bing Accountants Tip of the week Cortana Thought Leadership Downtime Data storage SaaS Wire Printer Staff How to Hybrid Cloud Amazon Authentication Worker Commute The Internet of Things Experience Unified Threat Management webinar Two Factor Authentication Knowledge Enterprise Content Management Risk Management Windows Server 2008 MSP Gmail Screen Mirroring YouTube Help Desk Telecommuting Education Windows 10s Google Apps Root Cause Analysis Mouse Specifications Black Market HBO Apple Hiring/Firing Amazon Web Services Nanotechnology FENG Music Mobile Computing Conferencing Software Tips Internet exploMicrosoft Network Congestion Password Management Politics Rootkit File Sharing Recovery Recycling Scalability Cast Transportation Safety Remote Work Practices Computing Infrastructure Workers Addiction Books Botnet Assessment Smart Office Administrator Digital Signature Outlook iPhone Employer Employee Relationship Online Shopping Smart Tech Wearable Technology Skype Camera Wireless Emails Advertising IT Consultant NIST Solid State Drive Flash Augmented Reality eWaste Relocation Benefits User Error Shortcuts Hosted Computing Regulation Printers Webinar CrashOverride Twitter Thank You Company Culture Compliance Congratulations Managing Stress

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Phillip Bond A Checklist of 40 Microsoft Software Titles Reaching End of Life/Extended Support in July 2016
11 December 2018
A checklist of the components is done for the widening of the elements. The scope of the check list ...
Erickson Ferry Tip of the Week: Useful Shortcuts for Google
30 November 2018
Your blog was too good. I was exceptionally satisfied to discover this site. I needed to thank you f...
Alex Ling Would Your Users be Tricked by Social Engineering?
27 November 2018
I came to know about the user that was tricked by the users in this community this was all on social...
Daniel Mcmahon Ancient Greek Computer in Serious Need of Firmware Update
23 November 2018
Computers which are imported from the Greek now want to update the all software that is firmware tra...
Cameran Moon Download the Wrong App and Have More Than Pokémon Fever Infect Your Device
22 November 2018
Infra core was the heart of IT they told us that if we download a wrong application it will infect o...