Q1. What should I do if my router is affected?
Reboot immediately by performing a hard reset on device!
Steps to hard reset your Asus router:
- Reset the device to factory default: Hold the Reset button in the rear for at least five seconds until the power LED starts blinking
- Update all devices to the latest firmware
- Ensure default admin password had been changed to a more secure one
- Disable Remote Management (disabled by default, can only be enabled via Advanced Settings)
- Enable the URL filter in the Advanced Settings -> Firewall. Set the Filter table type as Black List. Add the "Photobucket" and "toknowall" in the URL filter list.
Q2. Is my router affected?
List of routers affected:
- Asus RT-AC66U
- Asus RT-N56U (EOL)
- Asus RT-N10 (EOL)
- Asus RT-N10E (EOL)
- Asus RT-N10U (EOL)
- Asus RT-N66U
Other affected routers can be found here
For any users with the EOL models listed above, we strongly advise you to upgrade to Wi-Fi Hub or Wi-Fi halo router. More information on the routers can be found here.
Q3. What is VPNFilter Malware?
VPNFilter Malware is a new threat which targets a range of routers and network-attached storage (NAS) devices are capable of knocking out infected devices by rendering them unusable. It is capable of maintaining a persistent presence on an infected device, even after a reboot.
VPNFilter has a range of capabilities including:
- Spying on traffic being routed through the device
- Theft of website credentials
- Intercepting all traffic going through the device via port 80, meaning the attackers can snoop on web traffic and also tamper with it to perform man-in-the-middle (MitM) attacks
- Change HTTPS requests to ordinary HTTP requests, meaning data that is meant to be encrypted is sent insecurely
- Harvest credentials and other sensitive information from the victim’s network
- Destructive capability and can effectively “brick” the device if it receives a command from the attackers
- Overwriting a section of the device’s firmware and rebooting, rendering it unusable
- Monitoring of Modbus SCADA
For more info, head over to this article.