Last Friday the FBI issued a warning about what’s being called the “VPNFilter” threat.
This malware takes advantage of exploits in certain routers commonly used in homes and small businesses. They (FBI Internet Crime Complaint Division) have taken down part of the command and control aspect of this attack, and recommend a reboot of your modem and router.
This attack comes in three stages with the worst allowing external control over your network, viewing of your traffic, the stealing of credentials and possible installation of ransomware or other destructive activities. A quick reboot may keep this threat stopped at the first level, and is a quick way to add a small level of protection.
So far, this infection has been detected in over 500,000 devices and likely growing. Although a reboot is recommended, security experts throughout the country are urging users with the following devices to reset their routers to factory settings, change the password to something new, and update the firmware to the latest release version.
Mikrotik RouterOS Versions for Cloud Core Routers: 1016, 1036, 1072
QNAP TS439 Pro
Other QNAP NAS devices running QTS software;
With all the interconnectedness in our work and personal lives, this type of threat is not going away. Even if your device is not listed here, take a moment to ensure you are NOT using the default password that came with the router, and also make sure the software is updated with its most current version.
Although it’s never convenient to make these types of preventative maintenance changes, it’s far easier than trying to recover from an executed attack. Think of your personal information, your photos, documents and banking information. Please take a few moments and protect yourself, or if you don’t have the confidence to do so, reach out to a local trusted support person.