In May, security experts discovered one of the most widespread malware infections in history. Now, they’re warning businesses and consumers that it’s even worse than their first assessment. The VPNFilter malware poses a threat to small businesses and requires immediate attention from anyone with a vulnerable device who hasn’t already taken action against it.
VPNFilter recap
A team of security researchers from Cisco released a report that a strain of malware had been discovered on hundreds of thousands of routers and network devices. Originally, researchers believed it affected only Linksys, MikroTik, Netgear, and TP-Link devices.
Like many malware strains, VPNFilter infects devices that use default login credentials. But it’s worse than the average cyberattack because it can make router hardware useless, and cannot be completely removed by resetting infected devices.
As if destroying 500,000 routers wasn’t bad enough, VPNFilter lets its creators spy on networks and intercept passwords, usernames, and financial information.
What’s new
Just two weeks after VPNFilter was discovered, security experts announced that it targets 200,000 additional routers manufactured by ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE. Worse yet, VPNFilter can alter data passing through infected routers. That means when you enter a username and password into a banking website, hackers could steal that information and show you an incorrect account balance to hide fraudulent deductions.
How to stop VPNFilter
Contrary to initial reports and recommendations, rebooting a VPNFilter-infected router won’t remove the malware; you need to factory-reset the device. Usually, all this requires is holding down the Reset button on the back of the device for 10-30 seconds. If your router has no reset button or you’re unsure whether pressing it did the trick, contact us for assistance. You may need a hand regardless, since your router probably won’t be usable in its factory-default condition.
If you do have one of the affected routers, at minimum, you’ll want to upgrade its firmware to not be vulnerable to another attack – or even replace the router if it can’t be made safe. That might be a good idea anyway, since most of the vulnerable devices are consumer Internet routers, rather than business class firewall routers.
Cybersecurity threats have become so prevalent that even large enterprises struggle to keep their digital assets safe. Outsourcing IT support to a managed services provider like us will give you enough capacity and capability to deal with issues like VPNFilter as soon as they arise. Call us today to learn more.
