Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: VPNFilter Malware Targeting More Consumer Broadband Routers  (Read 241 times)

Bowdon

  • Content Team
  • Kitizen
  • *
  • Posts: 1592

https://www.ispreview.co.uk/index.php/2018/06/vpnfilter-malware-targeting-more-consumer-broadband-routers.html

Quote
Last month security researchers found that a sophisticated and “likely state-sponsored” malware, dubbed VPNFilter, had become widespread and was infecting business devices from Linksys, MikroTik, NETGEAR and TP-Link. Sadly the code is now also hitting kit from ASUS, D-Link, Huawei, Ubiquiti, UPVEL and ZTE.

Quote
    Known Affected Devices

    Asus Devices:
    RT-AC66U (new)
    RT-N10 (new)
    RT-N10E (new)
    RT-N10U (new)
    RT-N56U (new)
    RT-N66U (new)

    D-Link Devices:
    DES-1210-08P (new)
    DIR-300 (new)
    DIR-300A (new)
    DSR-250N (new)
    DSR-500N (new)
    DSR-1000 (new)
    DSR-1000N (new)

    Huawei Devices:
    HG8245 (new)

    Linksys Devices:
    E1200
    E2500
    E3000 (new)
    E3200 (new)
    E4200 (new)
    RV082 (new)
    WRVS4400N

    Mikrotik Devices:
    CCR1009 (new)
    CCR1016
    CCR1036
    CCR1072
    CRS109 (new)
    CRS112 (new)
    CRS125 (new)
    RB411 (new)
    RB450 (new)
    RB750 (new)
    RB911 (new)
    RB921 (new)
    RB941 (new)
    RB951 (new)
    RB952 (new)
    RB960 (new)
    RB962 (new)
    RB1100 (new)
    RB1200 (new)
    RB2011 (new)
    RB3011 (new)
    RB Groove (new)
    RB Omnitik (new)
    STX5 (new)

    Netgear Devices:
    DG834 (new)
    DGN1000 (new)
    DGN2200
    DGN3500 (new)
    FVS318N (new)
    MBRN3000 (new)
    R6400
    R7000
    R8000
    WNR1000
    WNR2000
    WNR2200 (new)
    WNR4000 (new)
    WNDR3700 (new)
    WNDR4000 (new)
    WNDR4300 (new)
    WNDR4300-TN (new)
    UTM50 (new)

    QNAP Devices:
    TS251
    TS439 Pro
    Other QNAP NAS devices running QTS software

    TP-Link Devices:
    R600VPN
    TL-WR741ND (new)
    TL-WR841N (new)

    Ubiquiti Devices:
    NSM2 (new)
    PBE M5 (new)

    Upvel Devices:
    Unknown Models* (new)

    ZTE Devices:
    ZXHN H108N (new)

    * Malware targeting Upvel as a vendor has been discovered, but they are unable to determine which specific device it is targeting.

I noticed my old RT-N66U is on the list. It is scary that so many router vendors are using the same base software in their devices. One base attack seems to take down many of them.
Logged
BT Infinity 2 - Smart Hub 6 - ECI Cab

Browni

  • Reg Member
  • ***
  • Posts: 116
Re: VPNFilter Malware Targeting More Consumer Broadband Routers
« Reply #1 on: June 07, 2018, 11:17:20 AM »

Interesting that my Asus DSL-AC88U is not on the list, possibly down to the Broadcom firmware?
Logged

CarlT

  • Reg Member
  • ***
  • Posts: 835
Re: VPNFilter Malware Targeting More Consumer Broadband Routers
« Reply #2 on: June 07, 2018, 11:38:21 AM »

Looks like it exploits Busybox compiled for certain architectures. Won't be related to the DSL firmware per se.
Logged

Bowdon

  • Content Team
  • Kitizen
  • *
  • Posts: 1592
Re: VPNFilter Malware Targeting More Consumer Broadband Routers
« Reply #3 on: June 07, 2018, 12:47:01 PM »

I noticed the article didnt say how we'd actually notice if the router was infected.

Is there any way to tell?
Logged
BT Infinity 2 - Smart Hub 6 - ECI Cab
 

anything