TiVo Community Forum banner
1 - 15 of 15 Posts

·
TiVoholic by the bay
Joined
·
14,194 Posts
Discussion Starter · #1 ·
You need to pull the power to your Gateway/Router & modem on your network.

This is to clear out malware called VPNFilter which seems to be very hard to detect. It can take from 1 to 5 minutes for it to be operational again.
 

·
Go Pats!
Joined
·
9,595 Posts
I also updated the firmware on my nighthawk r7000. a new one was put out, presumably related to the malware?
 

·
Registered
Joined
·
124 Posts
So what will rebooting do?

From the article referenced above:

"The VPNFilter malware is a multi-stage, modular platform with versatile capabilities to support both intelligence-collection and destructive cyber attack operations.

The stage 1 malware persists through a reboot, which sets it apart from most other malware that targets internet-of-things devices because malware normally does not survive a reboot of the device. The main purpose of stage 1 is to gain a persistent foothold and enable the deployment of the stage 2 malware. Stage 1 utilizes multiple redundant command and control (C2) mechanisms to discover the IP address of the current stage 2 deployment server, making this malware extremely robust and capable of dealing with unpredictable C2 infrastructure changes."
 

·
tabasco rules
Joined
·
15,893 Posts
You need to pull the power to your Gateway/Router & modem on your network.

This is to clear out malware called VPNFilter which seems to be very hard to detect. It can take from 1 to 5 minutes for it to be operational again.
that's not the way i read the fbi notice, they didn't suggest the reboot as a fix, instead specifically stating it was advised to "temporarily disrupt" and "aid the potential identification of infected devices":
The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices. Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.
 
  • Like
Reactions: krkaufman

·
Registered
Joined
·
935 Posts
More then anything the reboot is to help the FBI find out what other router manufacturers are affected. If you listen upgrade security now you should also follow Steve's advice and upgrade the firmware if any is available to rid the router of malware. If there's no update he suggests if you can to reflash the most current available.
 

·
Registered
Joined
·
1,744 Posts
OK, this was a good excuse to upgrade the firmware on my Asus router with the latest asuswrt/merlin version. It is a new major version, so I had to factory reset and it took most of the afternoon to get it reconfigured again, but now I'm finally up to the latest version. Seems to be working, haven't noticed anything that got better or worse.
 
1 - 15 of 15 Posts
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top