This type of malware called VPNFilter is capable of stealing personal data and this is achieved since it can obtain all the data that is sent through that network. It could be done with things as sensitive as passwords and usernames a serious problem for users since security and privacy are at risk. This malware has a multi-phase action:
▸In the first phase, the malware seeks to persistently infiltrate infected devices, staying there even if you restart it.
▸In the second phase, it proceeds to collect and send data from the infected network, as well as execute malicious commands to try to control infected devices.
Take note that in this phase of total control it is also possible that malware can break the device and render it unusable by rewriting the firmware.
▸The third and final phase consists of installing plugins that extend the capabilities of the first phase, such as adding functions to sniff packages, inject scripts, or access files on the system.
VPNFilter is a type of malware that could seriously damage our router. It targets a wide range of manufacturers, so it is not unique to one model. It can affect many users around the world. This differs from other similar threats since it continues despite restarting the device and is one of the aspects that makes it even more dangerous.
The best thing we can do to make sure is go to a testing site. We simply check the box of terms and conditions and we start. It only takes a few seconds. If all is well, which will be the case in most cases, it will indicate in a message that it is not infected and that there are no VPNFilter indicators on our router.
But… in the case of being infected we would have to reset the router to the factory default values. In addition, the latest firmware version of the device should be installed.
Related reads:
Wi-fi Router – Tips to improve its security
Be very careful with VPN vulnerabilities
[…] related topics:VPNFilter – A serious risk for routersDNS Poisoning – A Real Danger for DNS […]