Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User Vorlon
(fountain of knowledge) Thu 24-May-18 19:30:17
Print Post

Bot Net Affecting Routers and IOT (VPN Filter Exploit)


[link to this post]
 
Sophos news story about a current Bot Net affecting many Routers and IOT, where either a Firmware ReFlash or new Firmware can cure infected hardware.

https://nakedsecurity.sophos.com/2018/05/24/vpnfilte...

I'm still using my Plusnet VDSL Modem/Router (Hub One?) and assume firmware upgrades are done remotely on the later models. I can see the last update it received was dated August 2017 - is that the latest?

Clearly the use of unique passwords and reflashing if infected are a must. Unfortunately many of us don't bother changing the routers password once it's setup.

Further reading:-

https://nakedsecurity.sophos.com/2018/05/23/vpnfilte...

Edit:- I believe the Draytek Advisory posted on this forum maybe of the same issue which recently went public.

Edit 2:- There is a list of routers known to be affected here:-
https://www.tripwire.com/state-of-security/featured/...

Edited by Vorlon (Thu 24-May-18 21:01:21)

Standard User Kenneth
(legend) Thu 07-Jun-18 19:03:04
Print Post

Re: Looks like more makes are bing hit


[re: Vorlon] [link to this post]
 
See theReg

More affected devices. More damage. And what looks like an escalation in attacks

Asus, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE: these are the vendors newly-named by Cisco's Talos Intelligence as being exploited by the VPNFilter malware


Ken

Nostalgia is memory with the pain removed
Standard User Vorlon
(fountain of knowledge) Thu 07-Jun-18 20:33:30
Print Post

Re: Looks like more makes are bing hit


[re: Kenneth] [link to this post]
 
Yes, I'm keeping an eye on both my Plusnet Router and my TPlink VR900 V1 and both don't appear to have had firmware upgrades since 2017.


Register (or login) on our website and you will not see this ad.

  Print Thread

Jump to