About Us

IT Services

Understanding IT

News & Events



Contact Us

  • Register

Alternative IT Solutions Blog

Did You Know Your Router Can be Infected?

Did You Know Your Router Can be Infected?

A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you think would be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig in to the details about what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers for both individual users and small businesses with the intention of persisting even if the device has been rebooted. VPNFilter targets devices that are Ukraine-based most of the time, but others have been known to fall victim to this as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

The first is that the malware sets itself up so that it will persist even if the device is rebooted or turned off. The second stage of the attack consists of the malware installing permissions for itself to change router settings, manage files, and execute commands. This allows the router to essentially brick itself, leading to considerable connectivity problems. The final stage of this malware lets the hackers look at the data packets passing to and from the device, as well as the ability to issue commands and communicate through the Tor web browser.

The reason why the FBI recommends resetting your router is because the second and third steps are wiped when you do so, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset for your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has administered a patch for the vulnerability, you can also install it following a factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on Alternative IT Solutions’s blog.

Know Your Tech: CMS
How to Be Selective when Picking a Backup Solution


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, February 16, 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Cloud Business Computing Privacy Network Security Data Backup Google Hosted Solutions User Tips Mobile Devices Tech Term Email Malware Hackers VoIp Cloud Computing Managed IT Services Data Data Recovery Productivity Outsourced IT Innovation Microsoft IT Support Communications Communication Efficiency Internet Managed IT Services Hardware IT Services Backup Smartphone Smartphones Internet of Things Software Network Business Continuity Workplace Tips BDR Artificial Intelligence Chrome Small Business Cybersecurity Router Saving Money Windows 10 Business Browser Android Business Management Mobile Device Cybercrime Ransomware Gadgets How To Alert Two-factor Authentication Holiday Disaster Recovery Word Applications Data Protection Information Mobile Device Management Data Security Computers Spam Office 365 Money Computer Windows Collaboration Server Phishing Managed IT Facebook IT Management Software as a Service Telephone Systems BYOD Servers Business Intelligence Settings Private Cloud Save Money Managed Service Wi-Fi Remote Monitoring Connectivity Voice over Internet Protocol Social Media Social Engineering Vulnerability Encryption Identity Theft Miscellaneous Spam Blocking Mobility Bring Your Own Device Passwords Credit Cards Infrastructure Access Control Telephony Google Docs Automation Human Resources Sports Firewall Keyboard CES Fraud Value Redundancy Password Website Work/Life Balance Botnet Workers Google Drive Upgrade Content Management Comparison Law Enforcement Compliance VPN Scam Paperless Office IT Plan Virtual Assistant Employer-Employee Relationship Blockchain Document Management Unsupported Software Training Machine Learning App Windows 7 Avoiding Downtime Telephone System Update Networking Data Storage Microsoft Office Mobile Computing Budget Virtualization Apps Operating System Data Breach OneNote Safe Mode Evernote Criminal Addiction Black Market Wiring Current Events Samsung Gmail Thought Leadership Solid State Drive Multi-Factor Security Flash Microchip Mobile Windows 10s Theft webinar Electronic Medical Records Downtime Excel Supercomputer Smart Tech File Sharing Social Physical Security Hiring/Firing Knowledge Recycling Audit Trending Data loss Enterprise Content Management Professional Services Cleaning Authentication Smartwatch Cortana Conferencing Staff Smart Office Root Cause Analysis Tip of the week Warranty Risk Management Unified Threat Management HVAC Vendor Wireless Charging Office Tips Leadership Cache Skype Amazon Network Congestion eWaste Data Warehousing MSP Sync Content Filtering IT Support Entertainment Screen Mirroring Password Management Search Engine Marketing Computer Care Password Manager Nanotechnology Public Cloud Help Desk Employee Google Apps Digital Signature Windows Server 2008 Printer Travel Telecommuting Practices Display Government Wireless Internet FENG HBO Camera Specifications Health Bing Amazon Web Services HaaS Computer Fan Augmented Reality Information Technology Lifestyle Save Time Accountants Cast NIST Big Data Digital Signage Netflix PDF Mouse Remote Work Hosted Computing Security Cameras HIPAA USB Outlook Start Menu Millennials Proactive IT Cryptocurrency Shortcuts Online Shopping IT Consultant Legal The Internet of Things Software Tips Remote Worker Regulations YouTube SaaS Business Mangement Devices Recovery Google Search Bandwidth Meetings Patch Management Administrator Charger Inventory Hacker WiFi Data Management Wire Frequently Asked Questions Tools Workforce Flexibility IBM Company Culture eCommerce Television Thank You IoT Bata Backup Remote Monitoring and Maintenance Net Neutrality Strategy Healthcare Computer Accessories Regulation Employee/Employer Relationship Project Management Managing Stress Public Computer Congratulations GDPR Loyalty Quick Tips Business Owner Streaming Media Line of Business ISP Rootkit Analysis Electronic Health Records Utility Computing Bluetooth VoIP Safety Insurance Business Technology Two Factor Authentication E-Commerce Employer Employee Relationship Vendor Management Windows 10 Content Filter Automobile Worker Fiber-Optic Office Storage Consultation Instant Messaging Managed Service Provider Education Cables Printers Hacking Battery Assessment Twitter Proactive Students Unified Communications Virtual Private Network

Latest News & Events

Alternative IT Solutions is proud to announce the launch of our new website at https://www.alternative-IT.co.uk. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our ser...

Contact Us

Learn more about what Alternative IT Solutions can do for your business.

Call Us Today
Call us today
(0)20 8498 4300

Avocet House, Trinity Park, Trinity Way
London, England E4 8TD