Users can remove malware from their router after the FBI's seizure of a C&C server


Because the US intelligence service FBI has seized a command & control server, users can deactivate the malware, which recently affected half a million users, by rebooting their router.

The malware consists of several parts. The first part is not harmful and survives reboots, but needs instructions from a server to install the payload of the second and third parts. Those parts do not survive reboots. Now that the server giving directions on where the second and third parts can be found online is offline, the danger has passed, writes The Daily Beast.
The FBI has received permission from the court to take over the domain ToKnowAll[.]com through Verisign, causing the malware to contact FBI servers from now on. The intelligence service does this to collect IP addresses from affected routers.
More information about VPNFilter is available on the site of Cisco’s security branch, Talos. The Ukrainian government organization SBU believes that the Russian government is behind the attack, possibly in preparation for an attack during the Champions League final on Saturday. Cisco also suspects that the Russian state is behind the attack.
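
Because the first part survives a reboot and keeps contacting the seized domain, DNS resolver logs can show which routers still carry it. The following is an added example, not part of the original article, that scans query logs for ToKnowAll[.]com; the dnsmasq-style log format, the sample lines and the function names are assumptions.

```python
import re
from collections import defaultdict

# Domain named in the article, kept in the defanged form used there.
SINKHOLED = "ToKnowAll[.]com"

# Assumed log format (dnsmasq-style): "<ts> dnsmasq[pid]: query[TYPE] <name> from <client>"
QUERY_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8}) .*?query\[(?P<qtype>\w+)\] "
    r"(?P<name>\S+) from (?P<client>\S+)$"
)

def normalize(name):
    """Lower-case, re-fang '[.]', drop spaces and the trailing root dot."""
    return name.replace("[.]", ".").replace(" ", "").lower().rstrip(".")

def is_match(qname, domain=SINKHOLED):
    """True for the domain or any subdomain, not for look-alike suffixes."""
    q, d = normalize(qname), normalize(domain)
    return q == d or q.endswith("." + d)

def find_beaconing_clients(lines, domain=SINKHOLED):
    """Return {client: {"count", "first", "last"}} for lookups of the domain."""
    hits = defaultdict(lambda: {"count": 0, "first": None, "last": None})
    for line in lines:
        m = QUERY_RE.match(line.strip())
        if not m or not is_match(m["name"], domain):
            continue
        rec = hits[m["client"]]
        rec["count"] += 1
        rec["first"] = rec["first"] or m["ts"]
        rec["last"] = m["ts"]
    return dict(hits)

# Constructed sample log lines (not real data); IPs are documentation ranges.
SAMPLE_LOG = """\
May 24 09:58:11 dnsmasq[412]: query[A] www.example.org from 192.0.2.10
May 24 10:01:02 dnsmasq[412]: query[A] toknowall.com from 192.0.2.23
May 24 10:01:02 dnsmasq[412]: reply toknowall.com is 203.0.113.5
May 24 10:06:40 dnsmasq[412]: query[A] ToKnowAll.com. from 192.0.2.23
May 24 10:07:15 dnsmasq[412]: query[AAAA] nottoknowall.com from 192.0.2.10
May 24 11:30:09 dnsmasq[412]: query[A] toknowall.com from 198.51.100.7
""".splitlines()

if __name__ == "__main__":
    for client, rec in find_beaconing_clients(SAMPLE_LOG).items():
        print(f"{client}: {rec['count']} lookups, {rec['first']} -> {rec['last']}")
```

A client that still appears in the result after its router has been rebooted is still running the persistent first part.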

Linksys: E1200, E2500, WRVS4400N
Mikrotik: 1016, 1036, 1072
Netgear: DGN2200, R6400, R7000, R8000, WNR1000, WNR2000
Qnap: TS251, TS439 Pro
TP-Link: R600VPN
