Flexnet Networks LLC Blog

Flexnet Networks LLC Blog

Flexnet Networks LLC has been serving the Texas area since 2010, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Could Your Router be Infected with Malware?

Could Your Router be Infected with Malware?

Certain threats out there are dangerous enough to cause major entities to warn against them. In particular, a recent malware by the name of VPNFilter has been deemed dangerous and prevalent enough that the FBI has addressed it. Since the malware targets routers (probably not your first guess in terms of possible vulnerabilities), it has considerable potential to become a nuisance for your organization.

Understanding VPNFilter
VPNFilter is a malware that hides in your router and remains even if you restart the device. VPNFilter is known for prioritizing devices in Ukraine, but you should never count on the trend to protect you from known threats. It’s thought that the VPNFilter malware has its roots in a group called Sofacy, and the malware operates in three basic steps.

The first step for this malware is that it installs itself on the device and remains there even in the event that the router is rebooted or turned off. Second, the malware will install certain permissions on the router that allows it to change settings, manage files, and execute commands. The router can then proceed to brick itself, making it much more difficult for your organization to keep operations moving along. In its final stages, this malware lets a hacker see the data packets that are being sent to and from your organization’s device, meaning that they can then also issue commands and communicate with the device via a Tor web browser.

This threat was specifically mentioned by the FBI because of its persistence. While resetting the device will disable the second and third steps, the first will remain, creating an endless cycle if you don’t do anything about it.

Is Your Router Affected?
Even though not all routers are affected, the number is still quite considerable. Here is a list of affected brands:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

If you would like a more comprehensive list of all affected devices, Symantec has a list on their website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How You Fix It
There is an easy fix to VPNFilter, and it’s to perform a factory reset on your router. This eliminates anything that’s currently installed from the first stage of VPNFilter’s attack. Of course, it’s also worth mentioning that the manufacturer of the router may have also administered a patch or security update resolving the vulnerability, so be sure to check for that as well so that it will never be an issue again.

For more great updates and tech tips, be sure to subscribe to Flexnet Networks LLC’s blog.

Tip of the Week: Changing Your Network Profile
Why (and How) SMBs Should Strategically Adopt Tech...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Thursday, 21 November 2024

Captcha Image

Request a Consultation

Flexnet Networks LLC strives to provide the best comprehensive IT, Computer, and Networking services to small businesses. We can handle all of your organization's technology challenges.

Contact Us
Contact Us

Learn more about what Flexnet Networks LLC can do for your business.

1706 W. Texas Ave,
Midland, Texas 79701

Call us: (432) 520-3539

Tampa Managed IT Services

Midland Managed IT Services

News & Updates
Flexnet Networks LLC is proud to announce the launch of our new website at www.flexnetllc.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...