Wikipedia article on VPNFilter :-
Quote:
|
Originally Posted by Wikipedia
VPNFilter is malware designed to infect routers. As of 24 May 2018, it is estimated to infect approximately 500,000 to 1,000,000 routers worldwide. It can steal data and also contains a "kill switch" designed to destroy the infected router on command. The FBI believes that it was created by the Russian Fancy Bear group. The following routers can be infected:
Linksys E1200
Linksys E2500
Linksys WRVS4400N
Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
Netgear DGN2200
Netgear R6400
Netgear R7000
Netgear R8000
Netgear WNR1000
Netgear WNR2000
QNAP TS251
QNAP TS439 Pro
Other QNAP NAS devices running QTS software
TP-Link R600VPN
Both Cisco and Symantec suggest that people who own the above devices do a factory reset. That is typically accomplished by using something small and pointy, such as a straightened out paperclip, to push the small reset button on the back on the unit for 10 to 30 seconds (time varies by model). This will remove the malware, but also restores the router to all original settings. On 25 May 2018, the FBI suggested instead that users simply reboot their routers. This would remove the dangerous payload of the malware, leading it to attempt to re-download the payload. The FBI said that this would help them to find the servers distributing the payload
|