Mavericks Blog

Mavericks has been serving the Ohio area since 2016, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Did You Know Your Router Can be Infected?

A new type of malware is targeting routers, and the threat is considered large enough that even the FBI is addressing it. Even worse, a router isn’t necessarily a device you would think of as vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig into the details of what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers used by both individual users and small businesses, and it is designed to persist even after the device has been rebooted. VPNFilter targets devices that are Ukraine-based most of the time, but others have been known to fall victim to it as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware takes three steps to become an issue for your organization.

In the first stage, the malware sets itself up so that it will persist even if the device is rebooted or turned off. In the second stage, the malware gives itself the ability to change router settings, manage files, and execute commands. This allows it to essentially brick the router, leading to considerable connectivity problems. The final stage lets the hackers look at the data packets passing to and from the device, issue commands, and communicate through the Tor web browser.

The FBI recommends resetting your router because doing so wipes the second and third stages, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website:

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset of your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has released a patch for the vulnerability, install it after the factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on Mavericks’s blog.

Tuesday, July 17 2018
