XFER has been serving Michigan since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Did You Know Your Router Can be Infected?

Did You Know Your Router Can be Infected?

A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you think would be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig in to the details about what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers for both individual users and small businesses with the intention of persisting even if the device has been rebooted. VPNFilter targets devices that are Ukraine-based most of the time, but others have been known to fall victim to this as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

The first is that the malware sets itself up so that it will persist even if the device is rebooted or turned off. The second stage of the attack consists of the malware installing permissions for itself to change router settings, manage files, and execute commands. This allows the router to essentially brick itself, leading to considerable connectivity problems. The final stage of this malware lets the hackers look at the data packets passing to and from the device, as well as the ability to issue commands and communicate through the Tor web browser.

The reason why the FBI recommends resetting your router is because the second and third steps are wiped when you do so, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset for your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has administered a patch for the vulnerability, you can also install it following a factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on XFER’s blog.

Know Your Tech: CMS
How to Be Selective when Picking a Backup Solution
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, July 19 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Technology Tip of the Week Privacy Microsoft Internet Cloud Saving Money Best Practices Backup Software Managed Service Provider Workplace Tips Business Computing Small Business Google Productivity Hackers Data Hosted Solutions Mobile Office Mobile Devices Hardware VoIP Quick Tips Gadgets Email Malware IT Support Efficiency Network Social Media Business Management Business Continuity Network Security Innovation Upgrade IT Services Business Server Virtualization Smartphones Windows Miscellaneous Disaster Recovery Communication Managed IT Services Microsoft Office Computer Users Communications Mobile Device Management Passwords User Tips Android Data Backup Browser Marketing Smartphone WiFi Alert Save Money Holiday Vendor Management Operating System Data Recovery Remote Monitoring Windows 10 Mobile Computing Ransomware Cybercrime Information Technology Avoiding Downtime Internet of Things Bring Your Own Device Apple Computers BDR BYOD Outsourced IT Best Practice Cloud Computing History VPN Big Data Remote Computing IT Solutions The Internet of Things Tech Term Router Chrome Going Green Current Events Telephone Systems Automation Cybersecurity Social Engineering Spam Employer-Employee Relationship Phone System Firewall Wireless Technology Trending Application IT Consultant Collaboration Hacking Health Money Proactive IT Excel Office App Printer Budget Lithium-ion Battery Facebook Artificial Intelligence Bandwidth Maintenance How To Networking Windows 8 Business Intelligence iPhone Two-factor Authentication Mobility Content Filtering Recovery Business Managament Managed IT Services Fax Server Private Cloud Website Redundancy PowerPoint Unified Threat Management Law Enforcement Gmail Office 365 Antivirus Customer Relationship Management Analytics Hard Drives Phishing Mouse User Error Humor Data Protection Outlook Managed IT Tutorials Virus Value Apps Data Security Office Tips Document Management Data Management Streaming Media Risk Management Compliance Tech Support Flexibility Productivity Entertainment Saving Time Retail Windows 10 Downtime Inbound Marketing Connectivity Memory Google Drive Network Congestion Conferencing Vulnerability Blockchain Word Administration Mobile Device Tablet Social Networking Sports Search Save Time Digital Payment Twitter Computer Repair Identity Theft Workers Access Control Point of Sale Meetings Recycling Education Smart Tech IBM Statistics Piracy Credit Cards DDoS Leadership Solid State Drive Data loss Administrator IT Management Servers Encryption Skype Black Market Programming Spam Blocking CES Computer Accessories Analysis Scam Environment Cleaning Password Running Cable Settings IT Plan Wireless Physical Security Intranet Human Resources Public Cloud Paperless Office Wearable Technology Training SaaS Social Biometrics Content Management Infrastructure File Sharing IT service Unsupported Software Hacker Best Available OneNote Data storage IT Support Update Bluetooth Touchscreen Internet Exlporer People Data Storage eWaste PDF Samsung Comparison Windows 7 Webinar HaaS End of Support Robot Safety Wi-Fi Work/Life Balance Data Breach USB Online Currency YouTube Video Surveillance Government Tablets Start Menu Theft Root Cause Analysis Electronic Health Records Data Warehousing Help Desk Specifications Reputation Regulations Evernote Internet exploMicrosoft Computer Fan Webcam Windows Media Player Virtual Desktop Wire Voice over Internet Protocol Digital Signature IT Security Supercomputer Hiring/Firing Cost Management Content Filter Travel Criminal NarrowBand Print Server Cryptocurrency HBO Upgrades Analyitcs Authentication Mobile Cortana Uninterrupted Power Supply nternet Crowdfunding Machine Learning Millennials Customers Remote Support Insurance Wireless Charging Advertising FENG Customer Service Smart Office Multi-Factor Security Strategy Applications Knowledge PC Care Distributed Denial of Service Files Company Culture Patch Management Scheduling Instant Messaging Storage Chromecast Law Firm IT 3D Consultant Safe Mode Frequently Asked Questions Fraud 360 Emails Nanotechnology Professional Services Macro Google Apps Screen Mirroring eBay HVAC Workforce Augmented Reality Alerts Practices Flash Co-managed IT Fiber-Optic Notifications LinkedIn Electronic Medical Records Cameras Lifestyle Amazon Colocation Net Neutrality Windows 10s Addiction Software as a Service Laptop Business Owner Licensing Accountants Business Technology Tip of the week Virtual Reality Tools Shadow IT Charger Cast Text Messaging WIndows 7 Enterprise Content Management Telecommuting SharePoint Windows 8.1 Update Work Station Hosted Computing Sync Cables Hybrid Cloud Hiring/Firing Gaming Console Printer Server Shortcut Students Display HIPAA Windows Server 2008 Amazon Web Services IaaS Computing Infrastructure Worker Commute Cache Touchpad Debate User Virtual Assistant Hosted Solution Bloatware Devices Password Manager Legal Computer Care Managing Stress Domains Password Management Software Tips Remote Work Relocation Science Inventory Telephony Unified Communications Healthcare Monitor Keyboard Online Shopping Audit Wireless Internet Google Docs Staff IoT Telephone System Netflix Entrepreneur Thought Leadership Botnet Business Mangement NIST Experience Two Factor Authentication Thank You Battery Content Emergency Video Games Music Worker Congratulations Audiobook Scalability Assessment Rootkit Politics Transportation How to Television Troubleshooting Webinar Techology Benefits Automobile Public Computer IT solutions Employer Employee Relationship CrashOverride Smart Technology Books Loyalty

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *