Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
Scythe Mugen 5 Rev.C CPU Cooler review
be quiet Pure Loop 2 FX 280mm LCS review
HP FX900 1 TB NVMe Review
Scythe FUMA2 Rev.B CPU Cooler review
SK Hynix Platinum P41 2TB M.2 NVMe SSD Review
Corsair K70 RGB PRO Mini Wireless review
MSI MPG A1000G - 1000W PSU Review
Goodram IRDM PRO M.2 SSD 2 TB NVMe SSD Review
Samsung T7 Shield Portable 1TB USB SSD review
DeepCool LS720 (LCS) review

New Downloads
Corsair Utility Engine Download (iCUE) Download v4.27.168
Download Intel network driver package 27.6
AMD Radeon Software Adrenalin 22.8.1 driver download
Prime95 download version 30.8 build 16
Memtest86 9.5 download
Intel ARC graphics Driver Download Version: 30.0.101.1743
GeForce 516.94 WHQL driver download
Display Driver Uninstaller Download version 18.0.5.4
FurMark Download v1.31
Intel HD graphics Driver Download Version: 31.0.101.3222


New Forum Topics
NVIDIA GeForce 516.94 WHQL driver download & Discussion [3rd-Party Driver] Amernime Zone Radeon Release Nemesis 22.6.1 WHQL DriverPack (22.7.1 pending ...) Cooling of Asus TUF 3080 12GB Google released latest mobile operating system, Android 13. Windows: Line-Based vs. Message Signaled-Based Interrupts. MSI tool. Razer lightweight wireless mouse DeathAdder V3 Pro - supports 4,000Hz rate with optional dongle Slow SSD write speed AMD Ryzen 7950X, 7900X, 7700X and 7600X Zen4 processors pricing at Canada etailer Ray tracing. Whats the trick? HDMI stopped working after power outage




Guru3D.com » News » Malware Spreading Through Linksys, Netgear, TP-Link routers and QNAP NAS

Malware Spreading Through Linksys, Netgear, TP-Link routers and QNAP NAS

by Hilbert Hagedoorn on: 05/23/2018 06:39 PM | source: | 23 comment(s)
Malware Spreading Through Linksys, Netgear, TP-Link routers and QNAP NAS

There is a report going viral at the moment, a new aggressive malware dubbed VPNFilter is spreading rapidly. Cisco is spreading the news that already over half a million devices in at least 54 countries already have been infected. 

While the list may not be complete, the known devices affected by the malware called VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link networking equipment in the small and home office (SOHO) space, as well at QNAP network-attached storage (NAS) devices.  While we're always a bit careful pointing fingers, I'll just quote Cisco; "Cisco’s Talos cyber intelligence unit has high confidence that the Russian government is behind the campaign, according to Cisco researcher Craig Williams, because the hacking software shares code with malware used in previous cyber attacks that the U.S. government has attributed to Moscow". 

VPNFilter allows hackers to access infected computers and devices. Then, according to Cisco, they can be used for espionage or the execution of attacks (DDoS) on other computers and networks. It is not yet clear how the devices precisely become infected however most routers and NAS servers targeted, particularly run older versions of OS software and/or have known public exploits or default credentials that make compromise relatively straightforward. 

Routers from Linksys, Mikrotik, Netgear and TP-link and NAS systems from Qnap are most susceptible, Cisco recommends that users restore the devices to the factory settings to remove the malware. We obviously recommend you to install the latest firmware on your Router and internet connected NAS units.

Source: Cisco's Talos and Reuters.




Malware Spreading Through Linksys, Netgear, TP-Link routers and QNAP NAS




« Battlefield 1 DLC In the Name of the Tsar now for Free as well · Malware Spreading Through Linksys, Netgear, TP-Link routers and QNAP NAS · Download: Radeon Software Adrenalin Edition 18.5.1 »

Related Stories

Microsoft Agrees Windows 10 upgrade was pushed too aggressively - 12/24/2016 10:28 AM
In a video interview with Microsoft’s Chief Marketing Officer (CMO), Chris Capossela, he stated that Microsoft has been too aggressive in pushing the Windows 10 upgrade. ...

Act of Aggression Ships - 09/03/2015 08:26 AM
I've been hering good thigns about this game. Eugen Systems now offers Act of Aggression, their new real-time strategy game, which is available on Steam with a 15% launch discount. They also announc...


5 pages 1 2 3 4 5


Fox2232
Senior Member



Posts: 11809
Joined: 2012-07-20

#5549418 Posted on: 05/23/2018 08:02 PM
LoL. "...because the hacking software shares code with..."
So they have that code and dare to point finger? I say it is Cisco themselves trying to harm any kind of competition!
If it is not them, then it can be anyone as code is apparently out there in the wild.

WareTernal
Senior Member



Posts: 256
Joined: 2013-09-27

#5549423 Posted on: 05/23/2018 08:16 PM
LoL. "...because the hacking software shares code with..."

Yeah, maybe it is Russia, but you've have to do better than this. Saying "it kinda looks like something the U.S. government has blamed on Moscow before" carries ZERO weight. Blaming Russia is SOP...

Robbo9999
Senior Member



Posts: 1628
Joined: 2012-10-07

#5549431 Posted on: 05/23/2018 08:35 PM
Ok, so this is a bit worrying unless I'm interpreting this article wrongly. The article reads:

"the known devices affected by the malware called VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link networking equipment in the small and home office (SOHO) space, as well at QNAP network-attached storage (NAS) devices"

So this means anyone with a router from those companies are open to be infected with this thing? I own a router from one of these companies and the latest firmware is from 2016, nothing newer released. Is there any way to find out if your router is infected? If this is the case then pretty much everyone at home with a router could be affected given that popular list of manufacturers.

EDIT: In the Reuters article it has the following advice to protect your router:
"Netgear representative Nathan Papadopulos said the company was looking into the matter. He advised customers to make sure their routers are patched with the latest version of its firmware, disable remote management and make sure they have changed default passwords shipped with the device."

Well I've already done those security procedures when I first had my router, so should be ok I guess then.

schmidtbag
Senior Member



Posts: 6680
Joined: 2012-11-10

#5549441 Posted on: 05/23/2018 08:58 PM
I can't help but roll my eyes whenever Russia or China are suspected of such things. Sure, it's a real possibility, but Cisco seemed waaay too willing to point fingers.

Fox2232
Senior Member



Posts: 11809
Joined: 2012-07-20

#5549453 Posted on: 05/23/2018 09:42 PM
Yeah, maybe it is Russia, but you've have to do better than this. Saying "it kinda looks like something the U.S. government has blamed on Moscow before" carries ZERO weight. Blaming Russia is SOP...

Issue I have with that is simple. You do not see USA government publicly stating: "Sorry world, our home grown hackers we have nothing in common with did this to you all."
But they are always quick to blame some other government/country.

5 pages 1 2 3 4 5


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2022