About Us

IT Services

Understanding IT

News & Events



Contact Us

  • Register

Alternative IT Solutions Blog

Did You Know Your Router Can be Infected?

Did You Know Your Router Can be Infected?

A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you think would be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig in to the details about what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers for both individual users and small businesses with the intention of persisting even if the device has been rebooted. VPNFilter targets devices that are Ukraine-based most of the time, but others have been known to fall victim to this as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

The first is that the malware sets itself up so that it will persist even if the device is rebooted or turned off. The second stage of the attack consists of the malware installing permissions for itself to change router settings, manage files, and execute commands. This allows the router to essentially brick itself, leading to considerable connectivity problems. The final stage of this malware lets the hackers look at the data packets passing to and from the device, as well as the ability to issue commands and communicate through the Tor web browser.

The reason why the FBI recommends resetting your router is because the second and third steps are wiped when you do so, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset for your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has administered a patch for the vulnerability, you can also install it following a factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on Alternative IT Solutions’s blog.

Know Your Tech: CMS
How to Be Selective when Picking a Backup Solution


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, November 12, 2018

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Cloud Business Computing Privacy Network Security Data Backup Email Google Tech Term Hackers Malware Managed IT Services Innovation Mobile Devices Data Data Recovery VoIp Cloud Computing Outsourced IT Microsoft User Tips Hosted Solutions Internet Managed IT Services Hardware Communications Software IT Support Communication Backup BDR Network Small Business Efficiency Chrome Smartphones Internet of Things Saving Money Workplace Tips Android IT Services Browser Productivity Business Continuity Windows 10 Ransomware Cybercrime Artificial Intelligence How To Cybersecurity Alert Business Business Management Collaboration Information Windows Data Protection Server Applications Gadgets Smartphone Router Computer Money Mobile Device Management Data Security Computers Phishing Two-factor Authentication Managed IT Word Disaster Recovery Servers Telephone Systems Vulnerability Facebook Save Money BYOD Office 365 IT Management Remote Monitoring Business Intelligence Miscellaneous Social Media Connectivity Spam Social Engineering Identity Theft Windows 7 Passwords Credit Cards Firewall Mobile Device Data Storage Keyboard Sports Value Redundancy Managed Service Infrastructure Fraud Settings OneNote Virtual Assistant Work/Life Balance Operating System CES Website Law Enforcement Bring Your Own Device Comparison Spam Blocking Upgrade Compliance Password Scam Telephone System Wi-Fi Content Management VPN Employer-Employee Relationship Paperless Office Training Voice over Internet Protocol Avoiding Downtime Private Cloud App Blockchain Networking Workers Document Management Update Mobile Computing Virtualization Microsoft Office Budget Apps Data Breach IT Plan Unsupported Software Encryption Holiday Data Management Wire Samsung Multi-Factor Security Current Events Inventory Mobile Warranty Supercomputer Outlook Electronic Medical Records Automation webinar Criminal Addiction Google Docs Theft The Internet of Things Software Tips Password Management Search Engine MSP Gmail Thought Leadership Hiring/Firing Software as a Service Printer Human Resources Trending Meetings Knowledge Patch Management Access Control Professional Services Recovery Cortana Unified Threat Management Frequently Asked Questions Smart Tech Botnet Risk Management Conferencing Camera Cleaning Black Market NIST Bing Skype Office Tips Leadership Augmented Reality Recycling Wireless Charging Mouse Staff Smart Office Sync Content Filtering Network Congestion Flash Authentication IT Support Amazon Solid State Drive Google Apps Downtime Marketing Excel HVAC Travel Telecommuting Windows 10s Telephony Cache Computer Care Physical Security Cryptocurrency Entertainment Specifications Remote Worker eWaste Government Administrator Digital Signature Information Technology Lifestyle HaaS Data loss Password Manager Nanotechnology Amazon Web Services Audit Root Cause Analysis Tip of the week Practices Remote Work Netflix Wireless Internet Proactive IT Safe Mode Accountants Machine Learning Start Menu Millennials Google Drive Wiring Data Warehousing Microchip PDF Regulations Screen Mirroring IT Consultant Big Data Online Shopping SaaS Windows Server 2008 Hosted Computing Public Cloud Bandwidth HIPAA USB Flexibility FENG IBM HBO File Sharing YouTube Tools Workforce Legal Charger WiFi Computer Fan Enterprise Content Management Cast Business Mangement Devices Mobility Evernote Consultation Business Technology IoT Company Culture E-Commerce Computer Accessories Loyalty Strategy Congratulations Healthcare Public Computer Business Owner Quick Tips Rootkit Managing Stress Safety Bluetooth Analysis Electronic Health Records Two Factor Authentication Streaming Media Employer Employee Relationship Vendor Management Windows 10 Instant Messaging Bata Backup Insurance Worker Automobile Printers Office Content Filter Health Fiber-Optic Proactive Save Time Managed Service Provider VoIP Virtual Private Network Storage Hacking Battery Cables Education Assessment Remote Monitoring and Maintenance Regulation Help Desk Project Management GDPR Twitter Unified Communications Utility Computing Thank You Students Television Line of Business

Latest News & Events

Alternative IT Solutions is proud to announce the launch of our new website at https://www.alternative-IT.co.uk. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our ser...

Contact Us

Learn more about what Alternative IT Solutions can do for your business.

Call Us Today
Call us today
(0)20 8498 4300

Avocet House, Trinity Park, Trinity Way
London, England E4 8TD