Cisco: VPNFilter Malware Has Infected 500K Network Devices

Status
Not open for further replies.

rwinches

On Tuesday, FBI agents in Pittsburgh asked federal Magistrate Judge Lisa Pupo Lenihan in Pittsburgh for an order directing the domain registration firm Verisign to hand the ToKnowAll[.]com address over to the FBI, in order to “further the investigation, disrupt the ongoing criminal activity involving the establishment and use of the botnet, and assist in the remediation efforts,” according to court records. Lenihan agreed, and on Wednesday the bureau took control of the domain.

The move effectively kills the malware’s ability to reactivate following a reboot, said Vikram Thakur, technical director at Symantec, who confirmed to the Daily Beast that the domain was taken over by law enforcement on Wednesday, but didn’t name the FBI. “The payload itself is non-persistent and will not survive if the router is restarted,” Thakur added. “That payload will vanish.”
 

Olle P

"... flaws that simply haven't been fixed, either because the product makers didn't fix them, ..."
This is a real problem because many product makers stop updating the firmware to their products long before the products are retired by the users. The producers sell and support a product for maybe a year before it's replaced by another model, then the firmware is (at best) supported with updates for another year or two while a typical (home) user will keep it running for several more years.
 

Christopher1

OLLE P hits the nail on the head in regards to the problems with routers today: Too little support. Manufacturers should be forced to support all their products for at least 10 years after they release them.
If that means that they will release fewer models so that they have the resources to write the code for the routers and update the code for the routers? So be it.
 

fry178

lol,
not every day will someone find an exploit that needs fixing, so why would someone require an update?
example is that not all brands have that issue, yet you want ALL of them to provide updates for their units (for no reason).

btw, support does NOT mean/equal (firmware) updates.
how many updates did your car get? (i guarantee at least one would be needed/possible for almost every car out there, even if it's just for the navi), yet it cost multiple times more than your router or phone/tablet etc.
 