VPNFil­ter IoT mal­ware gets ev­ery­where

Maximum PC - - QUICKSTART -

A SO­PHIS­TI­CATED PIECE of mal­ware, orig­i­nat­ing from a Rus­sian group of hack­ers, has qui­etly found its way into over half a mil­lion routers world­wide. It’s a bot­net that can steal data, de­liver ma­li­cious pay­loads, the “man in the mid­dle” at­tack, and kill in­fected de­vices. It com­mu­ni­cates via Tor, and sur­vives a re­boot. Sounds scary. It’s largely been aimed at small and home of­fice routers, and NAS de­vices. The kind of gear that may not be care­fully up­dated or mon­i­tored.

VPNFil­ter re­ceived in­struc­tions from meta­data hid­den in images on Pho­to­bucket, or the to­knowall.com do­main. The Pho­to­bucket images have been re­moved, and the FBI has shut down the backup do­main. This still leaves those in­fected routers out there, though. A hard re­set, a re­turn to fac­tory de­fault set­tings, should clear the in­fec­tion, although it is ad­vis­able to check in­di­vid­ual man­u­fac­tur­ers’ ad­vice.

Newspapers in English

Newspapers from Australia

© PressReader. All rights reserved.