Asus ROG Strix XG27UQ review
be quiet! Pure Rock 2 review
Fractal Design Define 7 Compact review
Lian Li Galahad 360 liquid cooler review
Guru3D Rig of the Month - July 2020
Patriot Viper Steel DDR4 3600 MHz (64GB) review
Red Dead Redemption 2: PC graphics benchmark review (revisited)
Kioxia Exceria 960 GB SATA3 SSD review
HP Portable P500 1TB Portable USB3 SSD review
EK-Quantum Magnitude WaterBlock Review
Malware Spreading Through Linksys, Netgear, TP-Link routers and QNAP NAS
There is a report going viral at the moment, a new aggressive malware dubbed VPNFilter is spreading rapidly. Cisco is spreading the news that already over half a million devices in at least 54 countries already have been infected.
While the list may not be complete, the known devices affected by the malware called VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link networking equipment in the small and home office (SOHO) space, as well at QNAP network-attached storage (NAS) devices. While we're always a bit careful pointing fingers, I'll just quote Cisco; "Cisco’s Talos cyber intelligence unit has high confidence that the Russian government is behind the campaign, according to Cisco researcher Craig Williams, because the hacking software shares code with malware used in previous cyber attacks that the U.S. government has attributed to Moscow".
VPNFilter allows hackers to access infected computers and devices. Then, according to Cisco, they can be used for espionage or the execution of attacks (DDoS) on other computers and networks. It is not yet clear how the devices precisely become infected however most routers and NAS servers targeted, particularly run older versions of OS software and/or have known public exploits or default credentials that make compromise relatively straightforward.
Routers from Linksys, Mikrotik, Netgear and TP-link and NAS systems from Qnap are most susceptible, Cisco recommends that users restore the devices to the factory settings to remove the malware. We obviously recommend you to install the latest firmware on your Router and internet connected NAS units.
Source: Cisco's Talos and Reuters.
Microsoft Agrees Windows 10 upgrade was pushed too aggressively - 12/24/2016 10:28 AM
In a video interview with Microsoft’s Chief Marketing Officer (CMO), Chris Capossela, he stated that Microsoft has been too aggressive in pushing the Windows 10 upgrade. ...
Act of Aggression Ships - 09/03/2015 08:26 AM
I've been hering good thigns about this game. Eugen Systems now offers Act of Aggression, their new real-time strategy game, which is available on Steam with a 15% launch discount. They also announc...
Brit90
Senior Member
Posts: 109
Joined: 2016-11-08
Senior Member
Posts: 109
Joined: 2016-11-08
#5549670 Posted on: 05/24/2018 01:40 PM
It's almost always Israel doing this kind of stuff. They do a lot of crap and blame it on the Russians, because everyone knows America hates them "commy bastards" (although I fail to realise why).
It's almost always Israel doing this kind of stuff. They do a lot of crap and blame it on the Russians, because everyone knows America hates them "commy bastards" (although I fail to realise why).
vonSternberg
Senior Member
Posts: 151
Joined: 2017-09-12
Senior Member
Posts: 151
Joined: 2017-09-12
#5549677 Posted on: 05/24/2018 02:06 PM
Oh yeah, the big bad scary Russia is at again, infecting people's routers because they're so evil
Oh yeah, the big bad scary Russia is at again, infecting people's routers because they're so evil
SSD_PRO
Senior Member
Posts: 174
Joined: 2013-02-07
Senior Member
Posts: 174
Joined: 2013-02-07
#5549681 Posted on: 05/24/2018 02:23 PM
This is the strangest group of comments - kind of surprises me. Here we have everything from Lol, the USA blames everything on other countries to its the darn jews, they do things like this and make people think its russia. Seriously strange buffoonery. Half of these assumptions think some US citizen did it to themselves for distraction. That also assumes these people are skilled enough which means you obviously haven't worked in a US based industry where coding is required. The coders your company wants aren't graduating from Florida State. It seems much more likely given certain signatures that it was the work of a citizen of a mid-level once great company working on behalf of the country to gain what little leverage they still can.
This is the strangest group of comments - kind of surprises me. Here we have everything from Lol, the USA blames everything on other countries to its the darn jews, they do things like this and make people think its russia. Seriously strange buffoonery. Half of these assumptions think some US citizen did it to themselves for distraction. That also assumes these people are skilled enough which means you obviously haven't worked in a US based industry where coding is required. The coders your company wants aren't graduating from Florida State. It seems much more likely given certain signatures that it was the work of a citizen of a mid-level once great company working on behalf of the country to gain what little leverage they still can.
Noisiv
Senior Member
Posts: 6990
Joined: 2010-11-16
Senior Member
Posts: 6990
Joined: 2010-11-16
#5549682 Posted on: 05/24/2018 02:25 PM
Didn't you read the news? This apparently highly professional company, one of the world leaders in networking, has literally said:
"It's the Russians, because the last time it happened our govt had said it was the Russians."
It's almost always Israel doing this kind of stuff. They do a lot of crap and blame it on the Russians, because everyone knows America hates them "commy bastards" (although I fail to realise why).
Didn't you read the news? This apparently highly professional company, one of the world leaders in networking, has literally said:
"It's the Russians, because the last time it happened our govt had said it was the Russians."
I'll just quote Cisco; "Cisco’s Talos cyber intelligence unit has high confidence that the Russian government is behind the campaign, according to Cisco researcher Craig Williams,
because the hacking software shares code with malware used in previous cyber attacks that the U.S. government has attributed to Moscow".
Click here to post a comment for this news story on the message forum.
Senior Member
Posts: 927
Joined: 2011-01-11
Ok, so this is a bit worrying unless I'm interpreting this article wrongly. The article reads:
"the known devices affected by the malware called VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link networking equipment in the small and home office (SOHO) space, as well at QNAP network-attached storage (NAS) devices"
So this means anyone with a router from those companies are open to be infected with this thing? I own a router from one of these companies and the latest firmware is from 2016, nothing newer released. Is there any way to find out if your router is infected? If this is the case then pretty much everyone at home with a router could be affected given that popular list of manufacturers.
EDIT: In the Reuters article it has the following advice to protect your router:
"Netgear representative Nathan Papadopulos said the company was looking into the matter. He advised customers to make sure their routers are patched with the latest version of its firmware, disable remote management and make sure they have changed default passwords shipped with the device."
Well I've already done those security procedures when I first had my router, so should be ok I guess then.
That's why I like Netgear because they're usually the first to slap on a firmware update. Especially when compared to that of linksys. I know they were first the last time some squabble came about in the interweb... But this is obviously a bit more severe it would seem.... Damn this hardware level infection shtuff....
Anyone who uses the default anything on their hardware deserves a good'ol "backdooring" if you ask me...