Mavericks Blogs

Did You Know Your Router Can be Infected?


A new type of malware is targeting routers, and the threat is considered large enough that even the FBI is addressing it. Even worse, a router isn’t necessarily a device you would think of as vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig into the details of what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers used by both individual users and small businesses, and it is designed to persist even after the device has been rebooted. VPNFilter targets Ukraine-based devices most of the time, but others have been known to fall victim to it as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

In the first stage, the malware sets itself up so that it will persist even if the device is rebooted or turned off. In the second stage, the malware gives itself the ability to change router settings, manage files, and execute commands. This allows it to essentially brick the router, leading to considerable connectivity problems. The final stage lets the hackers look at the data packets passing to and from the device, issue commands, and communicate through the Tor web browser.

The FBI recommends resetting your router because doing so wipes the second and third stages, though the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset of your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has released a patch for the vulnerability, you can also install it following the factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on Mavericks’s blog.

 
