Russian malware, known as VPNFilter has infected millions of internet connected routers and devices across the globe. It efficiently collects personal information by monitoring your internet activity and sends it to the Dark Web. If you have one of our Managed Security Firewalls, you’re okay but if you’re using a Belkin, Linksys, Netgear or TP-Link device, read on.
The hacker alias behind this malware is called Sofacy, a hacker group working with the Russian government. They became famous for hacking the Democratic National Committee during the 2016 U.S Election.
The FBI issued an alert last week, asking users to secure their routers by changing default passwords and to reboot them, just to be safe as it interrupts the infection process of the device. To date, VPNFilter is known to be capable of infecting enterprise and small office/home office routers from Linksys, MikroTik, Netgear, and TP-Link, as well as QNAP network-attached storage (NAS) devices. These include:
- Linksys E1200
- Linksys E2500
- Linksys WRVS4400N
- Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
- Netgear DGN2200
- Netgear R6400
- Netgear R7000
- Netgear R8000
- Netgear WNR1000
- Netgear WNR2000
- QNAP TS251
- QNAP TS439 Pro
- Other QNAP NAS devices running QTS software
- TP-Link R600VPN
If you have one of them, I recommend disconnecting it immediately or having CTTS take a look at it. If you would like assistance or have any questions, give us a call at (512) 388-5559.
Stay safe out there.