VPNFilter Malware: What is it, and are you protected?

About a week ago, reports from the FBI of a new type of malware surfaced. This new malware is now known as VPNFilter, and it targets routers rather than PCs or servers.

Routers, as you may or may not know, are the network hub or gateway through which every computer in your home or workplace connects to the internet. Essentially, VPNFilter infects the router directly and “sniffs,” or tracks, all of the web traffic going through the router and, if given a command by whoever is controlling the malware, can “brick,” or lock up, your router, making it completely unusable.

While the malware sounds scary, there is good news! Only certain models of routers have been identified as being vulnerable to VPNFilter. Here at SOS|Support, security is a top priority, and because of this we highly encourage all of our clients to use Dell SonicWALLs, which take the place of a traditional router. Soon after the VPNFilter news broke, the folks over at SonicWALL released this statement to let us know that SonicWALLs have not been affected by, and are not vulnerable to, the VPNFilter malware.

For everyone who does not have a SonicWALL, the following routers have been identified as vulnerable:

Linksys E1200

Linksys E2500

Linksys WRVS4400N

MikroTik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072

Netgear DGN2200

Netgear R6400

Netgear R7000

Netgear R8000

Netgear WNR1000

Netgear WNR2000

QNAP TS251

QNAP TS439 Pro

Other QNAP NAS devices running QTS software

TP-Link R600VPN

If you have any of these routers in your home or office, the FBI has instructed that you reboot the router as soon as you can by simply unplugging it for 30 seconds and then plugging it back in. VPNFilter is a “multi-stage” form of malware, meaning that it works in pieces, and rebooting the router can disrupt the process of the malware installation. We also strongly suggest that you check the username and password on your home routers to ensure that a unique username and password are used. If you have any issues or want help with this, please don’t hesitate to contact SOS Support!

If you have not yet had us install a SonicWALL in your home network or small business, we highly encourage it! This is just one of countless examples of the benefits of the upgraded security that a SonicWALL provides!

6/7/2018 Update:

Per Tom's Guide, here is an updated list of affected routers:

Asus RT-AC66U

Asus RT-N10

Asus RT-N10E

Asus RT-N10U

Asus RT-N56U

Asus RT-N66U

Asus support page

D-Link DES-1210-08P

D-Link DIR-300

D-Link DIR-300A

D-Link DSR-250N

D-Link DSR-500N

D-Link DSR-1000

D-Link DSR-1000N

D-Link support page specifically for VPNFilter

Huawei HG8245

Unofficial reset instructions; we couldn’t find the firmware

Linksys E1200

Linksys E2500

Linksys E3000

Linksys E3200

Linksys E4200

Linksys RV082

Linksys WRVS4400N

Linksys support page

MikroTik CCR1009

MikroTik CCR1016

MikroTik CCR1036

MikroTik CCR1072

MikroTik CRS109

MikroTik CRS112

MikroTik CRS125

MikroTik RB411

MikroTik RB450

MikroTik RB750

MikroTik RB911

MikroTik RB921

MikroTik RB941

MikroTik RB951

MikroTik RB952

MikroTik RB960

MikroTik RB962

MikroTik RB1100

MikroTik RB1200

MikroTik RB2011

MikroTik RB3011

MikroTik RB Groove

MikroTik RB Omnitik

MikroTik STX5

MikroTik support page, which is pretty confusing

Netgear DG834

Netgear DGN1000

Netgear DGN2200

Netgear DGN3500

Netgear FVS318N

Netgear MBRN3000

Netgear R6400

Netgear R7000

Netgear R8000

Netgear WNR1000

Netgear WNR2000

Netgear WNR2200

Netgear WNR4000

Netgear WNDR3700

Netgear WNDR4000

Netgear WNDR4300

Netgear WNDR4300-TN

Netgear UTM50

Netgear support page

QNAP TS251

QNAP TS439 Pro

Other QNAP NAS devices running QTS software

QNAP firmware download page

TP-Link R600VPN

TP-Link TL-WR741ND

TP-Link TL-WR841N

TP-Link support page

Ubiquiti NSM2

Ubiquiti PBE M5

Ubiquiti firmware and documentation

Upvel — unknown models

Upvel firmware downloads (in Russian)

ZTE Devices ZXHN H108N

ZTE support page