FBI to America: Reboot Your Routers, Right Now
There's a sneaky bit of malware going around.
https://www.popularmechanics.com/technology/security/a20918611/vpnfilter-malware-reboot-router/
The FBI has issued a dire warning to everyone who has a router in their home. The Internet Crime Complaint Center sent a rare Public Service Announcement declaring: "Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide."
The hackers are using VPNFilter malware to target small office and home office routers, the FBI said. "VPNFilter is able to render small office and home office routers inoperable," the FBI warns. "The malware can potentially also collect information passing through the router. Detection and analysis of the malware's network activity is complicated by its use of encryption."
The feds recommend "any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices." They also advise owners to consider disabling remote management settings on devices, use encryption, upgrade firmware and choose new and different passwords, which is pretty much best practice anyway.
The IC3, formerly known as the Internet Fraud Complaint Center, was renamed in October 2003 to include this kind of attack. Their stated mission "is to provide the public with a reliable and convenient reporting mechanism to submit information to the Federal Bureau of Investigation concerning suspected Internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners."
Today, that means telling you to reboot your router, so hop to it.
snip
FBI agents take aim at VPNFilter botnet, point finger at Russia, yell 'national security threat'
Feds warn admins malware is rather tough to destroy
https://www.theregister.co.uk/2018/05/24/fbi_vpnfilter_botnet/
The FBI says it is taking steps to stop the spread of the VPNFilter malware and botnet, warning that it's a national security issue.
The bureau's offensive includes seizing a domain believed to have been used as part of the command and control structure for VPNFilter's 500,000-strong network of infected routers and storage devices.
The FBI also made some interesting revelations about the botnet, including confirming that it was being run by the Russian "Sofacy" or "Fancy Bear" group that has previously carried out international hacking campaigns against the US and other countries on behalf of the Russian government.
Just hours before the FBI announced it had seized the command and control domain, researchers with Cisco's Talos security team publicly announced the discovery of the worm they had described as a "concerning" attack that had already spread to more than half a million devices in 54 countries around the world.
The government echoed that concern in its announcement, acknowledging that VPNFilter is already considered to be a national security concern for the US.
snip
msongs
(67,441 posts)
Kajun Gal
(1,907 posts)
Blue_true
(31,261 posts)
The process is simple, but there is an order that you should follow. Power down your computer and TV first; if you have a home router between your cable box, power that down, then power your cable box down. Wait about two minutes and power back up in the reverse order that you powered down.
Cable boxes used to be simple, but providers have put a lot of bells and whistles in them that make them more vulnerable to external control other than the provider.
pangaia
(24,324 posts)
My TV, which I almost never watch, has its own box with TWC... just basic plan. No router... I guess
Do I still need to do something with the TV?
Blue_true
(31,261 posts)
and if so, do you connect your tv to the web through your cable to get movies? If so, your cable modem has a significant amount of configurable software in it and can take in malware instructions. I would say reboot it, but you may want to call your cable company.
pangaia
(24,324 posts)
It could be I guess, but I have no interest in doing it.
Thanks very much..
Blue_true
(31,261 posts)
You have to actively connect your tv to the web. If your tv is less than 3 years old, it likely can be connected to the web through your cable company (but they will charge an additional ISP fee).
Blue_true
(31,261 posts)
People that have smart phones should delete their search history, power the phone down, wait a few minutes, then power it back up. It creates a hassle, you have to research sites in some cases, but it also removes some potential malware and unwanted cookies.
sarah FAILIN
(2,857 posts)
My kid is handling it for me.
greyl
(22,990 posts)
ugh.
That's what we call them.
sarah FAILIN
(2,857 posts)
But this isn't showing up on the FBI page. The kid and friends think it might be not 100 and really meant to scare people
https://www.fbi.gov/@@search?SearchableText=Router&pageSize=20&page=1
Exotica
(1,461 posts)
sarah FAILIN
(2,857 posts)
The FBI would have it on their own site. This is strange.
Exotica
(1,461 posts)
They should have a warning on their FBI site.
I looked for it there directly because I was afraid the hackers could make their own fake site for it then trick us into downloading something.
Oh well, my stuff has been updated.
sarah FAILIN
(2,857 posts)
I didn't update my kid on what you showed me last night because it was so late. He called the FBI office in our state at nearly midnight thinking there would be an info recording or whatever. They answered, lol! The person didn't know about this, but he found it on Netgear later. Just thought that was funny.
I think this is a case of the left hand not knowing what the right hand was doing. Thanks for the early warning.