Slashdot Mirror


VPNFilter Can Also Infect ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE Devices (bleepingcomputer.com)

Catalin Cimpanu, writing for BleepingComputer: The VPNFilter malware that infected over 500,000 routers and NAS devices across 54 countries during the past few months is much worse than previously thought. According to new research technical details published today by the Cisco Talos security team, the malware -- which was initially thought to be able to infect devices from Linksys, MikroTik, Netgear, TP-Link, and QNAP -- can also infect routers made by ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE. The list of devices vulnerable to VPNFilter has seen a sharp jump from Cisco's original report, going from 16 device models to 71 -- and possibly more.

7 of 188 comments

  1. Re:Curious lack of Synology... by Anonymous Coward · · Score: 2, Funny

    I have both a Synology router and NAS and find it curious this entire brand is omitted from getting infected. Thoughts on why this Chinese-made brand isn't affected?

    why hack something with backdoors ;~)

  2. Wishlist ... by lastman71 · · Score: 2

    It would be nice to have an ADSL modem with OpenWrt ...

  3. Re:Curious lack of Synology... by ctilsie242 · · Score: 3, Informative

    I read that it's because QNAP and the other mentioned models used BusyBox for their userland, and likely a vulnerable version. Synology uses discrete Linux binaries for its userland, so it wasn't vulnerable because of this.

    I would say that BusyBox is a good product, but there have been some CVEs last year which required updates.

    Synology is a Taiwanese company, so I fear it less than a company on the mainland.

  4. Re:Alt Firmware? by GrumpySteen · · Score: 5, Informative

    From a different article

    Since the research is still ongoing, Talos researchers "do not have definitive proof on how the threat actor is exploiting the affected devices," but they strongly believe that VPNFilter does not exploit any zero-day vulnerability to infect its victims.

    Instead, the malware targets devices still exposed to well-known, public vulnerabilities or have default credentials, making compromise relatively straightforward.

  5. Re:Good Thing I have an Apple Router by Gr8Apes · · Score: 2

    The Airport Extreme is hands down the most reliable consumer grade router out there. In fact, it's better than a handful of business class routers I have used. For years I refused to buy one because I thought "why, it's just a router and it's expensive!" Well, years of fighting with various router configs, reboots, updates, custom firmware, etc, and noting that the routers I was buying had started going up in price, I finally caved and bought one. My main reason was a friend stated he'd not rebooted his in years and I had no issues at his house. Sure enough, plugged it in, and a host of network weirdness disappeared immediately. Reboots? I generally don't even think about it unless some notification comes out that actually makes me think about my router. I've had more trouble with my ISP in any given year than my router. I'm going to buy another one before stock runs out.

    --
    The cesspool just got a check and balance.
  6. Re:Good Thing I have an Apple Router by 605dave · · Score: 2

    Bingo. Everyone dismissed it while it simply worked incredibly well. They say it had a "simple" interface not knowing how configurable it was under the hood. I had custom port forwards, IP assignment, DMZ, everything you'd think you'd want on a home router. Then they EOL'd it.

    --
    Be kind, for everyone you meet is fighting a difficult battle. - Plato
  7. Re:Good Thing I have an Apple Router by TheFakeTimCook · · Score: 2

    I assume you are joking, but there is some truth in there. If you knew how to use it the Airport made a great home router

    No. I was being dead serious.

    My Airport Extreme 5th Gen Router NEVER needs a Reboot, has most of the bells and whistles expected in a modern router (separate 2.4 and 5 G Networks, Guest Network, Flexible Port Forwarding, etc.) Plus, I can even securely config. the thing over WiFi from my iPad if I so choose.

    Plus it is hands-down the easiest Router I have ever had to set up in Bridge Mode. And it even supports some type of Mesh networking that I have never understood, since I don't have two of them.

    Yeah, now I wish I'd gotten one of the "ac" capable ones....