Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: FBI recommends to reboot routers to kill VPNFilter malware

26 May 2018   #1
Brink

64-bit Windows 10 Pro
 
 
FBI recommends to reboot routers to kill VPNFilter malware

Quote:
FOREIGN CYBER ACTORS TARGET HOME AND OFFICE ROUTERS AND NETWORKED DEVICES WORLDWIDE

SUMMARY
The FBI recommends any owner of small office and home office routers power cycle (reboot) the devices. Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide. The actors used VPNFilter malware to target small office and home office routers. The malware is able to perform multiple functions, including possible information collection, device exploitation, and blocking network traffic.

TECHNICAL DETAILS
The size and scope of the infrastructure impacted by VPNFilter malware is significant. The malware targets routers produced by several manufacturers and network-attached storage devices by at least one manufacturer. The initial infection vector for this malware is currently unknown.

THREAT
VPNFilter is able to render small office and home office routers inoperable. The malware can potentially also collect information passing through the router. Detection and analysis of the malware’s network activity is complicated by its use of encryption and misattributable networks.

DEFENSE
The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices. Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.

Authorities and researchers still don’t know for certain how compromised devices are initially infected. They suspect the attackers exploited known vulnerabilities and default passwords that end users had yet to patch or change. That uncertainty is likely driving the advice in the FBI statement that all router and NAS users reboot, rather than only users of the 14 models known to be affected by VPNFilter, which are:
  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

Read more:


My System SpecsSystem Spec
.
26 May 2018   #2
Layback Bear

Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
 
 

Thank you Brink.
I will reboot my router today. Can't hurt and might help.


Jack
My System SpecsSystem Spec
26 May 2018   #3
sml156

Microsoft Windows 7 Ultimate 32-bit 7601
 
 

Quote   Quote: Originally Posted by Layback Bear View Post
Thank you Brink.
I will reboot my router today. Can't hurt and might help.


Jack

If your router has been compromised my guess is that within minutes it will be compromised again, There are 100,000's of shady characters trying to exploit home and business devices facing the internet and with sites like Showdan it makes it much easier to find vulnerable devices.



I would also make sure you do not have remote administration enabled. Also change your Admin password to something complex that is hard to guess or brute force with automated tools.
My System SpecsSystem Spec
.

30 May 2018   #4
Iain

Win 7 Ultimate SP1- Tecra W50-A:Windows 7 Professional x64
 
 


Thanks for the information.


Also, if you haven't done so already, upgrading to the latest firmware is a very good idea. My SMB router and managed switch firmware was upgraded two weeks ago.
My System SpecsSystem Spec
30 May 2018   #5
F22 Simpilot

Windows 7 Ultimate x64
 
 

Doubt they got into my router flashed to Asus Merlin. One reason why I use third party firmware. I can't tell you how many infected routers try to do nefarious things on my websites.
My System SpecsSystem Spec
Reply

 FBI recommends to reboot routers to kill VPNFilter malware




Thread Tools




Similar help and support threads
Thread Forum
Windows recommends scan/fix for iPod?
The same day that I mounted and dismounted an OS image which the OS named H, I later connected my iPod. The OS gave the device drive H but also issued the attached recommendation. Subsequently, every time I attach the iPod I get the same message. It would appear that the OS is confused and it's...
Hardware & Devices
Persistent Malware problem- cant detect or kill pls help
Windows 7 Pro 64bit We have a user that just all of a sudden will get a random pop-up like the one shown below. Sometimes it is accompanied by audio that is hard to hear. Usually Internet Explorer is not even open when this occurs. Have tried: Malwarebytes Rogue Killer Spybot The latpop...
System Security
MS pulls & recommends uninstalling KB 2823324?
Microsoft pulls Patch Tuesday security fix | ZDNet https://support.microsoft.com/kb/2839011 Everything is working fine on all 3 of my rigs (Win7/64 X 2 and Win7/32 X 1) with 2823324 installed. >>"If it ain't broke...." -- leave it installed or uninstall, as Redmond recommends???<< EDIT:...
Windows Updates & Activation
need a lga775 motherboard (affordable but still the best),recommends?
i only wanna replace my motherboard i dont wanna replace any of my parts so i want a mother board that support this parts: Ram: ddr2-533 mhz Cpu: Intel Pentium D 925 (3.0 Ghz) HDD: seagate 80Gb sata-II optical drive: samsung write master (ide interface) and also i want a kind of...
Hardware & Devices
Microsoft recommends the use of 32bit Office 2010
More... I've had no issues using the x64 version of Office 2010 beta, will depend on your usage. Your Mileage May Vary.
News


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:24.
Twitter Facebook Google+