It may not have been given a particularly catchy name, but a piece of malware named VPNFilter has managed to infect an estimated 500,000 routers belonging to home users and small businesses around the globe.
According to Cisco’s security team, Talos, the malware is capable of spying on traffic between your connected devices and the Internet, stealing passwords and also “bricking” the router, rendering it useless.
The VPNFilter malware is actually classified as a botnet, meaning it gives the crooks full control of the router, like a backdoor, which they can then use to send any kind of command to the router at any future date.
However, according to The Daily Beast, the FBI has seized control of one of the key servers controlling the VPNFilter botnet, which they say is linked to Russian state-sponsored crooks. The FBI’s acquisition of the server means the malware should not be able to reactivate once an infected router is given a hard reset (reset back to factory settings).
While security investigations are not complete, most infected devices appear to be in Ukraine. Ukrainian authorities have stated they believe the reports so far from security professionals indicate a major cyber-attack against them shortly before the Champions League Final, due to take place in Kiev on Saturday night.
A list of routers (and network storage devices) susceptible to such attacks is below –
QNAP TS439 Pro
The story provides a good excuse for some basic router security advice. Routers are often overlooked when it comes to security, since we concentrate on our PCs, laptops and smartphones. However, the router is on the front line, constantly connected to the Internet and the first thing you come across when accessing a network.
Here are some basic tips for your router –
– If you have a router listed above, do a hard reset to return it to factory settings. If it was infected with VPNFilter, this should remove it.
– Never rely on the default password. If your router came shipped with a default password, change it straight away.
– Update it. Most routers won’t update by themselves and need you to do it. Check what model you have and go to the vendor’s website (or contact them) to get the latest update. Try to do this at least twice every year.