Cisco: VPNFilter Malware Has Infected 500K Network Devices

Status
Not open for further replies.

rwinches

Distinguished
Jun 29, 2006
888
0
19,060
30
On Tuesday, FBI agents in Pittsburg asked federal Magistrate Judge Lisa Pupo Lenihan in Pittsburgh for an order directing the domain registration firm Verisign to hand the ToKnowAll[.]com address over to the FBI, in order to “further the investigation, disrupt the ongoing criminal activity involving the establishment and use of the botnet, and assist in the remediation efforts,” according to court records. Lenihan agreed, and on Wednesday the bureau took control of the domain.

The move effectively kills the malware’s ability to reactivate following a reboot, said Vikram Thakur, technical director at Symantec, who confirmed to the Daily Beast that the domain was taken over by law enforcement on Wednesday, but didn’t name the FBI. “The payload itself is non-persistent and will not survive if the router is restarted,” Thakur added. “That payload will vanish.”
 

Olle P

Distinguished
Apr 7, 2010
483
5
18,815
21
"... flaws that simply haven't been fixed, either because the product makers didn't fix them, ..."
This is a real problem because many product makers stop updating the firmware to their products long before the products are retired by the users. The producers sell and support a product for maybe a year before it's replaced by another model, then the firmware is (at best) supported with updates for another year or two while a typical (home) user will keep it running for several more years.
 

Christopher1

Distinguished
Aug 29, 2006
651
0
19,010
5
OLLE P hits the nail on the head in regards to the problems with routers today: Too little support. Manufacturers should be forced to support all their products for at least 10 years after they release them.
If that means that they will release fewer models so that they have the resources to write the code for the routers and update the code for the routers? So be it.
 

fry178

Reputable
Dec 14, 2015
694
0
5,360
141
lol,
not every day will someone find an exploit that needs fixing, so why would someone require an update?
example is that not all brands have that issue, yet you want ALL of them to provide updates for their units (for no reason).

btw, support does NOT mean/equal (firmware) updates.
how many updates did your car get? (i guarantee at least one would be needed/possible for almost every car out there, even if its just for the navi), yet it cost multiple times more than your router or phone/tablet etc.
 
Status
Not open for further replies.

ASK THE COMMUNITY

TRENDING THREADS