The FBI recommends rebooting routers due to malware

  #1  
Old 05-27-2018, 10:06 PM
queasy27

The FBI recommends any owner of small office and home office routers power cycle (reboot) the devices. Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide. The actors used VPNFilter malware to target small office and home office routers. The malware is able to perform multiple functions, including possible information collection, device exploitation, and blocking network traffic.


F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware

Internet Crime Complaint Center (IC3) | Foreign Cyber Actors Target Home and Office Routers and Networked Devices Worldwide
  #2  
Old 05-27-2018, 10:32 PM
ColdNoMore

Thanks for the heads up!
  #3  
Old 05-28-2018, 08:24 AM
champion6

Don't overlook these steps:
Users are also advised to upgrade the devices' firmware and to select a new secure password. If any remote-management settings are in place, the F.B.I. suggests disabling them.
  #4  
Old 05-28-2018, 09:08 AM
tomwed

I rebooted everything. I looked up my router and I'm looking at the settings on a different tab. I see the firmware version but I can't find where I can check to see if there is a newer version or a link that downloads the latest version. Any ideas?
  #5  
Old 05-28-2018, 10:00 AM
champion6

Quote:
Originally Posted by tomwed View Post
I rebooted everything. I looked up my router and I'm looking at the settings on a different tab. I see the firmware version but I can't find where I can check to see if there is a newer version or a link that downloads the latest version. Any ideas?
If you own it, either click on Help or go to the manufacturer's website to find the user guide. If you rent it, call your Internet provider.
  #6  
Old 05-28-2018, 10:14 AM
tomwed

Quote:
Originally Posted by champion6 View Post
If you own it, either click on Help or go to the manufacturer's website to find the user guide. If you rent it, call your Internet provider.
I found the manual online. I logged into the router. The manual says when the router opens it's supposed to prompt me if I want to download the latest firmware. It does not. I'm hoping that it doesn't ask because it is the latest firmware.
  #7  
Old 05-30-2018, 09:14 AM
Bill32

Why haven't the ISPs sent out a warning? I checked the Comcast site and nothing was mentioned.
  #8  
Old 05-30-2018, 10:37 AM
tomwed

Quote:
Originally Posted by Bill32 View Post
Why haven't the ISPs sent out a warning? I checked the Comcast site and nothing was mentioned.
Just a guess,

If you say nothing their work load would remain the same.

If you tell your customers to update your software and let us know if anything goes wrong there will be a lot of calls, anger and confusion.
  #9  
Old 05-30-2018, 12:25 PM
photo1902

Quote:
Originally Posted by Bill32 View Post
Why haven't the ISPs sent out a warning? I checked the Comcast site and nothing was mentioned.
The router's (Gateway) firmware is automatically updated. For the vast majority of us, there is no need to worry about firmware updates. That is Xfinity customers, and similar providers.
  #10  
Old 05-30-2018, 08:39 PM
villagetinker

While I am not defending Comcast, they have the capability to reboot your modem remotely, so it is possible that they are rebooting these from their command...
I manually rebooted mine just in case.
BTW, the reason the FBI wants you to reboot is the malware goes to a specific site to get further instructions, and the FBI has taken over control of this site, so when you reboot you will not be downloading the malware instructions.
__________________
Pennsylvania, for 60+ years, most recently, Allentown, now TV.
  #11  
Old 05-30-2018, 08:53 PM
tomwed

I forgot most people are renting their modems and routers. Having your firmware refreshed remotely, helping to keep you protected is one of the perks. I'm no expert so it's good to read and learn as much as you can from many sources.
  #12  
Old 05-31-2018, 01:50 PM
VillageIdiots

If you have Comcast (Xfinity), you likely have a modem made by Arris (not on the list below). I bought my own modem for Comcast but it is an Arris brand as well.

The following is a notice that my company sent out to all employees today:

Recently the FBI became aware of a new malware attack called, VPNFilter, that has infected over 500,000 routers and network devices according to researchers from Cisco’s Talos Intelligence Group. As of May 23rd, 2018, Symantec has identified that VPNFilter is capable of infiltrating systems through the following routers:
• Linksys E1200
• Linksys E2500
• Linksys WRVS4400N
• Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
• Netgear DGN2200
• Netgear R6400
• Netgear R7000
• Netgear R8000
• Netgear WNR1000
• Netgear WNR2000
• QNAP TS251
• QNAP TS439 Pro
• Other QNAP NAS devices running QTS software
• TP-Link R600VPN

VPNFilter has been able to spread through networks by targeting default credentials or known old exploitable vulnerabilities and has three identified stages to its operation.
Stage 1: The malware is installed and is activated to sustain a persistent presence on the infected device and will contact the command and control server to download additional modules
Stage 2: Executes the main payload and can collect files, execute commands, extract files, and modify device management. With the device management ability, the infected device can be “bricked” or render the infected device useless, if the command is received from attackers.
Stage 3: Is an optional stage that executes packet sniffers that spy on traffic routed through the device including credentials, credit card data, as well as monitoring of Modbus SCADA protocols with a variation that allows communication using Tor.

What Do I Need to Do?
All are being advised to reboot their routers immediately so that the Stage 2 and Stage 3 components of VPNFilter will be temporarily removed and prevent the damaging components of the malware from operating. If your device is infected, the presence of the Stage 1 element can result in the reinstallation of Stage 2 and Stage 3 components. To remediate this possibility, it will be necessary to install and apply the most recent patches available for your device and change all access credentials from default to unique inputs. If the rebooting process does not remove VPNFilter from your device, it is recommended that you execute a hard reset, or reset to factory, that will return your device to its settings that were present out of the box. Please note that all personalized configurations will be removed in this process. Additionally, to reduce the likelihood of future incidents or impact from this incident, it is advised that the “Remote Management” feature of your router be turned off. If you are unsure of how to access the “Remote Management” feature settings, please see your device’s instruction manual.
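The notice above, turned into an inventory check (an added example, not part of the original post or the company notice): it matches loosely written vendor and model strings against the listed devices and builds the remediation steps the notice describes. The record fields (`default_creds`, `remote_mgmt`, `firmware_current`, `runs_qts`), the function names and the sample inventory are assumptions made for illustration.

```python
import re

# Models named in the notice (Symantec list, May 23rd, 2018), normalized to A-Z0-9.
LISTED = {
    "LINKSYS": ("E1200", "E2500", "WRVS4400N"),
    "MIKROTIK": ("1016", "1036", "1072"),  # Cloud Core Router versions
    "NETGEAR": ("DGN2200", "R6400", "R7000", "R8000", "WNR1000", "WNR2000"),
    "QNAP": ("TS251", "TS439PRO"),
    "TPLINK": ("R600VPN",),
}

def norm(text):
    """Strip spaces, dashes and case so 'TS-439 Pro' and 'ts439pro' compare equal."""
    return re.sub(r"[^A-Z0-9]", "", str(text).upper())

def is_listed(vendor, model, runs_qts=False):
    """Generous substring match: a revision such as 'R7000 v2' still counts."""
    v, m = norm(vendor), norm(model)
    if v == "QNAP" and runs_qts:  # "Other QNAP NAS devices running QTS software"
        return True
    return any(name in m for name in LISTED.get(v, ()))

def remediation(dev):
    """Return (listed, steps) for one inventory record, following the notice."""
    listed = is_listed(dev["vendor"], dev["model"], dev.get("runs_qts", False))
    steps = ["reboot"]  # advised for everyone; clears Stage 2 and Stage 3 only
    if not dev.get("firmware_current", False):  # unknown counts as not current
        steps.append("install latest firmware")
    if dev.get("default_creds", True):  # unknown counts as still default
        steps.append("change default credentials")
    if dev.get("remote_mgmt", True):  # unknown counts as enabled
        steps.append("turn off Remote Management")
    if listed:
        steps.append("factory reset if reboot does not remove VPNFilter")
    return listed, steps

# Constructed sample inventory (not from the thread).
INVENTORY = [
    {"vendor": "NETGEAR", "model": "Nighthawk R7000 v2", "default_creds": True, "remote_mgmt": False},
    {"vendor": "TP-Link", "model": "TL-R600VPN", "firmware_current": True, "default_creds": False, "remote_mgmt": True},
    {"vendor": "QNAP", "model": "NAS (constructed)", "runs_qts": True, "firmware_current": True, "default_creds": False, "remote_mgmt": False},
    {"vendor": "Arris", "model": "cable modem (constructed)", "firmware_current": True, "default_creds": False, "remote_mgmt": False},
]

if __name__ == "__main__":
    for dev in INVENTORY:
        listed, steps = remediation(dev)
        print(f"{dev['vendor']} {dev['model']}: listed={listed}; " + "; ".join(steps))
```

A device that is not on the list still gets the reboot step, since the notice advises everyone to reboot; the list reflects only what had been identified as of May 23rd, 2018.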
  #13  
Old 05-31-2018, 04:38 PM
Jdmiata

The FBI? Can we trust them?
  #14  
Old 05-31-2018, 09:09 PM
DonH57

Quote:
Originally Posted by Jdmiata View Post
The FBI? Can we trust them?
I'm suspicious of this too. Since I've reset ours there's been a big black Escalade with tinted windows parked down our street.
  #15  
Old 05-31-2018, 09:12 PM
ColdNoMore

Quote:
Originally Posted by Jdmiata View Post
The FBI? Can we trust them?

A heck of a lot more than...nahh, ain't going there.