window._mfq = window._mfq || []; (function() { var mf = document.createElement("script"); mf.type = "text/javascript"; mf.async = true; mf.src = "//cdn.mouseflow.com/projects/0148bb62-7ff8-46ae-a466-bf3fd13c7d09.js"; document.getElementsByTagName("head")[0].appendChild(mf); })();
407-478-6600    Get SUPPORT

TaylorWorks Blog

Did You Know Your Router Can be Infected?

Did You Know Your Router Can be Infected?

A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you think would be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig in to the details about what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers for both individual users and small businesses with the intention of persisting even if the device has been rebooted. VPNFilter targets devices that are Ukraine-based most of the time, but others have been known to fall victim to this as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

The first is that the malware sets itself up so that it will persist even if the device is rebooted or turned off. The second stage of the attack consists of the malware installing permissions for itself to change router settings, manage files, and execute commands. This allows the router to essentially brick itself, leading to considerable connectivity problems. The final stage of this malware lets the hackers look at the data packets passing to and from the device, as well as the ability to issue commands and communicate through the Tor web browser.

The reason why the FBI recommends resetting your router is because the second and third steps are wiped when you do so, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset for your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has administered a patch for the vulnerability, you can also install it following a factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on TaylorWorks’s blog.

Know Your Tech: CMS
How to Be Selective when Picking a Backup Solution
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, September 19 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Tag Cloud

Tip of the Week Security Technology Network Security Cloud Best Practices Privacy Managed IT Services Business Computing Hackers Data Backup Email VoIP Hosted Solutions Malware Mobile Devices Outsourced IT Data Recovery Tech Term Google Microsoft Data Innovation Backup Internet of Things Cloud Computing Software Saving Money Internet Business Continuity Hardware Small Business Android IT Support Ransomware BDR Efficiency Cybersecurity IT Services Applications Cybercrime Communication Disaster Recovery Artificial Intelligence User Tips Communications Smartphones Managed IT Services Law Enforcement Managed IT Network How To Gadgets Router Business Data Protection Avoiding Downtime Mobile Device Management Business Management Collaboration Two-factor Authentication Windows 10 Windows Virtualization Phishing Chrome Smartphone Save Money Business Intelligence Computers Money Browser Productivity BYOD IT Support Data Security Spam Mobility Document Management Connectivity Remote Monitoring App Facebook Vulnerability Compliance Computer Identity Theft Passwords Word Training Firewall Apps Workplace Tips Blockchain Productivity Analysis Alert Office 365 Redundancy IT Management Telephone Systems Social Engineering Social Media Bandwidth Proactive IT Employer-Employee Relationship IT Plan Windows 7 File Sharing Networking Information Mobile Device CES Sports Unified Threat Management Work/Life Balance Wi-Fi Workers Comparison Solid State Drive Unsupported Software Flexibility Encryption Machine Learning Information Technology Managed Service Data Storage Password Content Management Settings Private Cloud OneNote Server Servers Credit Cards Access Control Update Paperless Office Smart Tech Budget Data Breach Virtual Assistant Microsoft Office Big Data Spam Blocking Automation Data loss Website VPN Infrastructure Miscellaneous Mobile Computing Business Owner Upgrade Value Operating System Education Bring Your Own Device Holiday Accountants HVAC FENG Professional Services Data Management Technology Tips Password Manager Storage Wireless HBO Recovery Sync Amazon Web Services Cables Leadership MSP Voice over Internet Protocol Keyboard HaaS Digital Signature Windows 10 Electronic Health Records Windows 10s Remote Work Google Drive Hosted Computing Cast Software as a Service Netflix Enterprise Content Management Tools Business Mangement Outlook Telephony Online Shopping Save Time Unified Communications Devices Remote Worker Multi-Factor Security SaaS Regulations Patch Management Hard Drives Inventory Current Events Government Risk Management Smart Office Augmented Reality Cleaning IoT Password Management Business Technology Root Cause Analysis Gmail Wireless Technology Addiction Frequently Asked Questions Specifications Audit Skype Evernote Theft Thought Leadership webinar Wiring Software Tips Trending Computing Infrastructure Strategy YouTube Virtual Reality Scam Marketing Hacker Knowledge Proactive The Internet of Things Computer Care Content Filtering Public Cloud NIST Meetings Botnet Recycling Cache Emails Excel Millennials Black Market Start Menu Wireless Charging Hacking Cortana Google Apps Streaming Media Conferencing GDPR Physical Security Lifestyle Instant Messaging Flash Fraud Worker Commute Authentication Network Congestion Remote Monitoring and Maintenance Data Warehousing HIPAA Human Resources Students Samsung Battery Managed Service Provider Users Insurance Cryptocurrency Downtime Telephone System Travel Legal Entertainment eWaste Wireless Internet Charger Tip of the week Workforce Computer Fan Mobile Content Filter E-Commerce USB End of Support Amazon Fiber-Optic Nanotechnology Electronic Medical Records IT Consultant Line of Business Google Docs Remote Computing Staff Healthcare Windows Server 2008 Telecommuting PDF Practices Safe Mode Screen Mirroring Health Office Tips Criminal Wire Public Computer Quick Tips Worker Camera Troubleshooting Fun Internet exploMicrosoft Smart Technology Scalability Loyalty Emergency Files Public Speaking Advertising Office Presentation Twitter Rootkit Printers Shadow IT Hosted Solution Lithium-ion battery Employer Employee Relationship Experience Colocation History Search Tech Support Content Relocation 5G Safety Computer Accessories Music IBM Two Factor Authentication Politics Techology CrashOverride Audiobook Humor Vendor Management Customer Relationship Management Company Culture Assessment Competition Bluetooth Wearable Technology Internet Exlporer Transportation IP Address WiFi Video Games User Error Books Hybrid Cloud Webinar Customer Service Managing Stress Television Automobile How to Benefits Hiring/Firing Mobile Office Regulation Best Practice Domains IT solutions

Mobile? Grab this Article!

QR-Code dieser Seite