Mavericks Blogs

Did You Know Your Router Can be Infected?

A new type of malware is targeting routers, and the threat is considered large enough that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you would think of as vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig into the details of what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers used by both individual users and small businesses, with the intention of persisting even if the device has been rebooted. Most of the time, VPNFilter targets devices that are based in Ukraine, but others have been known to fall victim to it as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

In the first stage, the malware sets itself up so that it will persist even if the device is rebooted or turned off. In the second stage, the malware gives itself the ability to change router settings, manage files, and execute commands. This allows it to essentially brick the router, leading to considerable connectivity problems. The final stage lets the hackers look at the data packets passing to and from the device, and gives them the ability to issue commands and communicate through Tor.

The FBI recommends resetting your router because the second and third stages are wiped when you do so, although the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset of your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has released a patch for the vulnerability, you can also install it following a factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on Mavericks’s blog.

 
