Another danger stalks the network, infecting hundreds of routers around the world. This is VPNFilter, a new type of malware created by hacker groups of Russian origin, which has made even the FBI nervous. It was the United States police department that had to warn of the spread of the virus. VPNFilter has already infected more than 500,000 routers in 50 countries around the world, and its expansion appears to be far from slowing down. Will your router be among the infected?
The new malware was discovered about two weeks ago by security companies Cisco and Symantec. At first they thought that the main objective of VPNFilter was to infect routers, NAS or switches of small offices or homes to mount a huge botnet with the purpose of launching massive coordinated attacks on specific targets. Basically, it was believed to be a type of malware that would not endanger users' computers . The truth is that it seems that this is not quite so. It is now thought that this virus also aims to attack PCs around the world. Symantec and Cisco have found that this malware can also bypass SSL encryption, inject more malicious code into incoming traffic, and steal sensitive data such as passwords.
How to know if your router is among the infected
Experts say that VPNFilter is infecting routers around the world. Therefore, there is a small possibility that your device has been attacked, and this is something you have to keep in mind to take action. Next, we leave you the list of router models that have been affected by malware. Check if yours is among them.
Asus :
- RT-AC66U
- RT-N10
- RT-N10E
- RT-N10U
- RT-N56U
- RT-N66U
D-Link :
- DES-1210-08P
- DIR-300
- DIR-300A
- DSR-250N
- DSR-500N
- DSR-1000
- DSR-1000N
Huawei :
- HG8245
Linksys :
- E1200
- E2500
- E3000
- E3200
- E4200
- RV082
- WRVS4400N
Mikrotik :
- CCR1009
- CCR1016
- CCR1036
- CCR1072
- CRS109
- CRS112
- CRS125
- RB411
- RB450
- RB750
- RB911
- RB921
- RB941
- RB951
- RB952
- RB960
- RB962
- RB1100
- RB1200
- RB2011
- RB3011
- RB Groove
- RB Omnitik
- STX5
Netgear :
- DG834
- DGN1000
- DGN2200
- DGN3500
- FVS318N
- MBRN3000
- R6400
- R7000
- R8000
- WNR1000
- WNR2000
- WNR2200
- WNR4000
- WNDR3700
- WNDR4000
- WNDR4300
- WNDR4300-TN
- UTM50
QNAP :
- TS251
- TS439 Pro
- Other QNAP models running QTS software
TP-Link :
- R600VPN
- TL-WR741ND
- TL-WR841N
Ubiquiti :
- NSM2
- PBE M5
Upvel :
- Unknown models
ZTE :
- ZXHN H108N
If your model is on this list and you think it may be infected, Symantec recommends restarting it immediately to prevent malware from blocking the router. This is a temporary solution, as VPNFilter would still have the power to infect you. Another thing you can do, while the manufacturer releases a firmware update, is to perform a hard reset that restores the router to factory settings. We recommend that you make a backup copy of all configuration settings and credentials before doing so, as they will be erased during the process.
The real danger of VPNFilter is to take control of your computer and obtain confidential information, such as passwords or bank accounts. In addition, among the infected routers there are very common brands in the homes of our country . ASUS, D-Link, Huawei or ZTE. As we say, at the moment there are about 500,000 affected routers in 50 countries around the world, so the figure is not what is said small.