MERIT Solutions Blog

MERIT Solutions has been serving the Chesapeake area since 1982, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Could Your Router be Infected with Malware?

Certain threats are dangerous enough that major entities warn against them. In particular, a recent piece of malware named VPNFilter has been deemed dangerous and prevalent enough that the FBI has addressed it. Since the malware targets routers (probably not your first guess in terms of possible vulnerabilities), it has considerable potential to become a nuisance for your organization.

Understanding VPNFilter
VPNFilter is malware that hides in your router and remains even if you restart the device. It is known for prioritizing devices in Ukraine, but you should never count on that trend to protect you from a known threat. The malware is thought to have its roots in a group called Sofacy, and it operates in three basic steps.

In the first step, the malware installs itself on the device and remains there even if the router is rebooted or turned off. In the second, it installs certain permissions on the router that allow it to change settings, manage files, and execute commands. The router can then proceed to brick itself, making it much more difficult for your organization to keep operations moving along. In its final stage, the malware lets a hacker see the data packets that are being sent to and from your organization’s device, meaning that they can also issue commands and communicate with the device via a Tor web browser.

This threat was specifically mentioned by the FBI because of its persistence. While resetting the device will disable the second and third steps, the first will remain, creating an endless cycle if you don’t do anything about it.

Is Your Router Affected?
Even though not all routers are affected, the number is still quite considerable. Here is a list of affected brands:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

If you would like a more comprehensive list of all affected devices, Symantec has a list on their website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How You Fix It
There is an easy fix for VPNFilter: perform a factory reset on your router. This eliminates anything currently installed by the first stage of VPNFilter’s attack. It’s also worth mentioning that the manufacturer of your router may have released a patch or security update resolving the vulnerability, so be sure to check for that as well so that it will never be an issue again.

For more great updates and tech tips, be sure to subscribe to MERIT Solutions’s blog.

 
