Major Router malware...make sure your model isn't one of them affected

[Fish]

I didnt even look at that. Yeah password change for the router is the #1 thing you change.

 

[Lord Tin Foilhat]

So if I don't have the WAN admin enabled or default password I'm good to go?

Not necessarily, but that is an easy way to get attacked. If you have one of the models listed, reboot and factory reset. Most of the infected devices are in Ukraine, but if your model is listed, it has a publicly known vulnerability that could be used to get infected. Right now the FBI shutdown the domains to activate stage 2 and 3 so you shouldn't have to worry about network monitoring/password stealing, but we still don't know how or what ways they are using to infect stage 1 onto devices. It could be a handful of known security vulnerabilities they are using.

If I had one listed, id reset it and use it only if needed until I buy a new router that isnt affected.

 

[Lord Tin Foilhat]

I didnt even look at that. Yeah password change for the router is the #1 thing you change.

I also limit who can access the setup webpage by MAC/IP. Makes it a little more difficult to get into setup since they need to spoof the right MAC to get access to the login prompt.

But there is a good chance this malware used a backdoor vulnerability which may bypass that all together.

 

[Lord Tin Foilhat]

I have a TP-Link. My model wasn't affected. I rebooted and I am still getting a new router just because the tp-link brand was hit

 

[Kensington]

Netgear WNR2000 series, or just the WNR2000?

Mine is a WNR2020v2

 

[Fish]

Debating about getting a cheaper ASUS router. Still gigabit and almost as good as the nighthawk for less money.

 

[Mr_Roboto]

Here some more information, basically older hardware thats not patched or known to have public exploits that were never patched to begin with:

So what you're saying is that it's likely Netgear and these other OEMs are doing a shit job of patching firmware.

 

[Fish]

I know my E2500 had a firmware update one time. That was it.

 

[Kensington]

Netgear WNR2000 series, or just the WNR2000?

Mine is a WNR2020v2

Is my router affected?
The following router models are affected.
JNR1010v2 / WNR614 / WNR618 / JWNR2000v5 / WNR2020 / JWNR2010v5 / WNR1000v4 / WNR2020v2 / R6220 / WNDR3700v5

 

[Fish]

Anyone have preferences?

https://www.amazon.com/dp/B01LXL1AR8/?tag=tcg21-20

https://www.amazon.com/dp/B07628HLTM/?tag=tcg21-20

 

[boostedguy05]

i will see what i have when i get home.

 

[Gav'sPurpleZ]

So 3 members have posted in here. No one else concerned ?
or no one else has the equipment on the list ?

I will have to check when I get home... I have a linksys but not sure what model

netgear ac1200

safe

 

[Knowklew]

Reset, new password, new firmware downloading direct from Netgear as it wasnt part of the auto updates.

I think I should be good now, right?

 

[Lord Tin Foilhat]

So what you're saying is that it's likely Netgear and these other OEMs are doing a shit job of patching firmware.

Most consumer brands do

Reset, new password, new firmware downloading direct from Netgear as it wasnt part of the auto updates.

I think I should be good now, right?

Is the firmware update related to this incident? or just a newer version then what you have? Doing that will clear any malware if you were infected, but it doesnt guarantee it wont happen again.

 

[Knowklew]

Most consumer brands do



Is the firmware update related to this incident? or just a newer version then what you have? Doing that will clear any malware if you were infected, but it doesnt guarantee it wont happen again.

The firmware update was directly related to security.

 

[Lord Tin Foilhat]

The firmware update was directly related to security.

for now, I'd say so. Until they know exactly how they compromised the devices, you cant be super sure.

Id turn off remote access, wps, and upnp on the router also. And if you want to take it one step further, limit which computers can access the router config page.

 

[Flyn]

Since the companies know there is a security breach, is there a security patch in the works?

 

[Lord Tin Foilhat]

idk. email them

 

[Fish]

Asus AC1700 will be here tomorrow. Thanks Amazon. I wanted a new router anyway, but I just told the wife that there might be a security breach and this is needed ASAP.

 

[Lord Tin Foilhat]

yeah i'm considering upgrading to a ubiquiti setup

 

[Smokinhot]

I have the Netgear R8000, I turned it off and rebooted. There was also a firmware update available on mine.

I'm not the most computer say, sooo yea [emoji23]

 

[Lord Tin Foilhat]

I have the Netgear R8000, I turned it off and rebooted. There was also a firmware update available on mine.

I'm not the most computer say, sooo yea [emoji23]

Firmware update is easy. Download the file, login to your router, find the firmware upgrade page and just point it to the file you downloaded.

 

[Smokinhot]

Firmware update is easy. Download the file, login to your router, find the firmware upgrade page and just point it to the file you downloaded.

Oh I got that, it's done. Netgear genie did the work

 

[Smokinhot]

I was talking more about the lingo you speak [emoji23]

 

[IDAFC21]

netgear wndr3400 here. Dont see that one listed so hopefully im safe. I have been wanting to get a new router lately tho. This ones about had its day.