Thread: FBI recommends to power cycle routers to stop Russia-linked malware
View Single Post
  #1  
Old 29-05-2018, 03:17 PM
gary
Registered User

gary is offline 		 
Join Date: Apr 2005
Location: Mt. Kuring-Gai
Posts: 5,999
Exclamation FBI recommends to power cycle routers to stop Russia-linked malware
On May 25th 2018, the FBI issued this warning :-
https://www.ic3.gov/media/2018/180525.aspx

Quote:
Originally Posted by FBI Public Service Announcement 25 May 2018
Foreign Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

Summary
The FBI recommends any owner of small office and home office routers power cycle (reboot) the devices. Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide. The actors used VPNFilter malware to target small office and home office routers. The malware is able to perform multiple functions, including possible information collection, device exploitation, and blocking network traffic.

Technical Details
The size and scope of the infrastructure impacted by VPNFilter malware is significant. The malware targets routers produced by several manufacturers and network-attached storage devices by at least one manufacturer. The initial infection vector for this malware is currently unknown.

Threat
VPNFilter is able to render small office and home office routers inoperable. The malware can potentially also collect information passing through the router. Detection and analysis of the malware’s network activity is complicated by its use of encryption and misattributable networks.

Defense
The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices. Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.
Quote:
Originally Posted by Louis Lucero II, New York Times
May 27, 2018
Hoping to thwart a sophisticated malware system linked to Russia that has infected hundreds of thousands of internet routers, the F.B.I. has made an urgent request to anybody with one of the devices: Turn it off, and then turn it back on.

The malware is capable of blocking web traffic, collecting information that passes through home and office routers, and disabling the devices entirely, the bureau announced on Friday.

A global network of hundreds of thousands of routers is already under the control of the Sofacy Group, the Justice Department said last week. That group, which is also known as A.P.T. 28 and Fancy Bear and believed to be directed by Russia’s military intelligence agency, hacked the Democratic National Committee ahead of the 2016 presidential election, according to American and European intelligence agencies.
Article here :-
https://www.nytimes.com/2018/05/27/t...t-malware.html
Reply With Quote