Railfan Technology > Router Malware Heads up and News Link

Have been reading about a consumer level Router Malware in a number of news sources in the past few hours. This apparently gets into the Router and is capable of reporting websites, Log-ins and Passwords. It also has a self destruct or 'brick' command. to round out it's list it is capable of going into a 'bot' mode to be used in 'denial of service' attacks, responding to previously loaded malware. Very complete paranoia list.

The news reports say a Router reboot or hard reboot should resolve the malware temporarily but could be re-infected later. Apparently manufacturers are working on a download for a long term 'fix'.

Another approach would be to purchase a more sophisticated Router not on the list, or to have a simple back-up router on the shelf in case any of the list of symptoms shows up. Users with a ISP or Cable service supplied and managed Router should check with the Provider for any updates.

https://www.pcmag.com/news/361373/malware-that-can-brick-wi-fi-routers-hits-500-000-devices

Similar stories on a number of other news sites. Tech-savvy TO subscribers may already know about this but the more 'common man' among us may not be aware of this.



Edited 1 time(s). Last edit at 05/24/18 22:12 by TCnR.

Guess I am even lower then a common man, its all Greek to me.

mundo Wrote:
-------------------------------------------------------
> Guess I am even lower then a common man, its all
> Greek to me.

Mundo, don't worry, most people will not understand what he said.

In a nut shell, once again, manufacturers of routers and the ISPs that provide (in this case primarily home and small business) internet access and include a router in that (a router is required) have failed to properly exercise due diligence and have left them open to malicious activity by others. A big story that happens every 3-5 years.

The 'common man' fix is to re-boot your router every week or so.

Typically you shut off your modem, router and then all the devices that use them, wait ten minutes and progressively turn them back on. Most routers will have those instructions somewhere. Eventually the manufacturers will fix this one too...and the Hackers will find another opening.

In Network based industries it's considered very bad to let someone hijack your Network. The typical home user just wants a clue how to make the stuff work when they want to use it.

+ Should have also said the 'Geek' fix, as discussed in the article, is to find the router manufactures updated software and then load it. Usually discussed in the router instructions or the Manufacturers site.



Edited 1 time(s). Last edit at 05/25/18 13:15 by TCnR.

mundo Wrote:
-------------------------------------------------------
> Guess I am even lower then a common man, its all
> Greek to me.

In the article, scroll down a page or two, and you'll see a list of equipment being affected, organized by manufacturer and model. A "common man" shouldn't have more than 1-2 network equipment in the household, so you should be able to find out quickly whether you should be worried or not.

Essentially, hackers wrote "malware" (short for malicious software) to hijack your network equipment, to spy on your activity and/or send out commands to infect other equipment. It's sophisticated enough to "self-destruct" to cause massive outages. It's a way to disrupt a society highly dependent on the Internet, to cause frustration, anger, and disorder. It's a form of terrorism.

TCnR Wrote:
-------------------------------------------------------
> The 'common man' fix is to re-boot your router
> every week or so.
>
> Typically you shut off your modem, router and then
> all the devices that use them, wait ten minutes
> and progressively turn them back on. Most routers
> will have those instructions somewhere. Eventually
> the manufacturers will fix this one too...and the
> Hackers will find another opening.
>
> In Network based industries it's considered very
> bad to let someone hijack your Network. The
> typical home user just wants a clue how to make
> the stuff work when they want to use it.
>
> + Should have also said the 'Geek' fix, as
> discussed in the article, is to find the router
> manufactures updated software and then load it.
> Usually discussed in the router instructions or
> the Manufacturers site.

I have Optimum Triple Play. I am more or less restricted to what they gave me and would swap it out with them if it gave me any trouble.

joemvcnj Wrote:
-------------------------------------------------------
> I have Optimum Triple Play. I am more or less
> restricted to what they gave me and would swap it
> out with them if it gave me any trouble.

You can run your own router/firewall behind their unit. All you have to do is tell them you want their router in bridge mode only. Then your router/firewall with YOUR secure password is what is controlling your network.