On May 23 and further updated on June 6, Cisco announced the discovery of a malware attack targeting small office and home office network devices. This malware gives the attacker the ability to read your internet traffic, steal passwords, spread more malware and to disable the device. This threat has been verified by numerous third-parties, including the FBI.
What should I do?
Regardless of whether your device is on the list, we recommend you take the following steps:
- Reboot the device, by unplugging it for 60 seconds and then plugging it back in. This will result in your network being down for a short period of time.
- If your device is from one of the following manufacturers, follow their instructions:
- ASUS: See the 06/08/2018 Security Advisory for VPNFilter on https://www.asus.com/Static_WebPage/ASUS-Product-Security-Advisory/
- D-LINK: https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10085
- HUAWEI: http://www.huawei.com/us/psirt/security-notices/huawei-sn-20180607-01-vpnfilter-en
- LINKSYS: https://community.linksys.com/t5/Wireless-Routers/VPNFilter-Malware-Update/td-p/1315372
- MIKROTIK: https://forum.mikrotik.com/viewtopic.php?f=21&t=134776
- NETGEAR: https://kb.netgear.com/000058814/Security-Advisory-for-VPNFilter-Malware-on-Some-NETGEAR-Devices
- QNAP: https://www.qnap.com/en-us/security-advisory/nas-201805-24
- TP-LINK: https://www.tp-link.com/en/faq-2213.html
- UBIQUITI: Update to latest firmware, change default passwords
- Update your wireless router to the manufacturer’s latest recommended firmware, even if not in the list.
- If you haven’t changed the default device admin password, do so now. Instructions should be provided by the manufacturer. Follow good password practices by using a unique password, that is long (at least 8 characters) and contains letters, numbers and special characters ($%^&!*^…). The device admin password is different than the wireless password.
- If the device has “remote access” or “remote administration” features, and you don’t need them (or know if you need them), turn them off.
What devices are vulnerable?
The list of vulnerable devices consists mainly of ones that would be running at home or in a small office setting, and includes internet/wireless routers and storage devices:
Other QNAP NAS devices running QTS software
Upic does not support home networking equipment. We recommend you contact the device manufacturer, ISP and/or network provider for primary assistance. If you don’t know who to call, please contact Upic Member Services and we’ll be happy to point you in the right direction.