Network Solutions Unlimited Blog

Has Malware Made a Home in Your Router?

Hackers and cybercriminals, like most people, tend to gravitate towards high-reward activities. In this case, that means their focus is turning to creating malware that attacks the router, potentially infecting the users who rely on it to connect wirelessly to the Internet. Researchers at Kaspersky Lab recently discovered an example of such malware, so today, we will review this threat and how to best protect your network.

This threat, codenamed Slingshot, targets MikroTik routers and uses a multi-layer attack to spy on the PCs connected to the router. By replacing a library file with a malicious alternative that subsequently downloads other pieces of the malware, Slingshot is able to bypass security solutions unscathed. It then launches a two-pronged attack: one component leverages low-level kernel code to give an intruder carte blanche access to a system, while the second manages the file system and preserves the malware, allowing it to continue running.

If this sounds impressive, it is - not only does this attack access additional code from an encrypted virtual file system, it does so without crashing its host. This quality and complexity led the security experts at Kaspersky Lab to conclude that this attack was state-sponsored. Based on reports, this malware can collect just about any data that it wants to from its target, from keystrokes to passwords to screenshots to network traffic.

According to MikroTik, their routing firmware has received a patch for this vulnerability, but it is still unknown if routers from other manufacturers are affected. If they are, Slingshot could suddenly become a much larger issue than it already is.

Other Router Malware
Of course, Slingshot isn’t the only issue that affects router security. The fail-safes and security measures baked into routers have been historically unreliable. This can largely be attributed to manufacturers building numerous products with no comprehensive strategy for securing them and keeping them up-to-date. However, this doesn’t mean that the user is off the hook, either. It is up to them to actually update the router’s firmware, which is not necessarily their first, second, or even twenty-third thought. Furthermore, the updating process can often be challenging, as well as time-consuming.

Hackers will often change the DNS server setting on a router in order to attack a network. Rather than directing you to the secure website you are trying to navigate to, the altered DNS will instead send you to a phishing site. Since these sites are often convincingly created and designed to fool their targets, you may not realize you are being victimized until it has already happened.

In addition to attacks like these, hackers will also often use methods like barraging their targets with ads or infiltrating them via drive-by download. Some attacks leverage cross-site request forgery, where a hacker will develop a rogue piece of JavaScript that will attempt to load a router’s web-admin page to alter the router’s settings.

How to Mitigate Damage to You
If you suspect that you are the target of a router-based attack, your first step should be to confirm that something is wrong. While there are assorted ways to accomplish this, the most effective is to check if your DNS server has been changed. To check, you’ll need to access your router’s web-based setup page, and from there, the Internet connection screen. If your DNS setting is “automatic,” you should be okay. However, if it says “manual,” with custom DNS servers entered, you may have a problem.
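A client-side complement to the router check described above, as an added example that is not part of the original article: it reads a machine's resolver list in resolv.conf format and flags any DNS server that is neither local nor on a list you expect. The sample file, its addresses and the `EXPECTED_RESOLVERS` allowlist are constructed assumptions.

```python
import ipaddress

# Addresses that point back at the router or the local machine. A client that
# sees only these cannot tell which upstream DNS the router itself is using.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

# Constructed sample of a client's resolv.conf (documentation-range addresses).
SAMPLE_RESOLV_CONF = """\
# generated by DHCP client (constructed sample)
search lan
nameserver 192.168.1.1
nameserver 203.0.113.53
nameserver 198.51.100.10
nameserver not-an-address
"""

# Assumption: the resolvers your ISP or administrator actually assigns.
EXPECTED_RESOLVERS = {"198.51.100.10"}

def parse_nameservers(text):
    """Return the IP addresses on 'nameserver' lines, skipping comments and junk."""
    servers = []
    for line in text.splitlines():
        parts = line.strip().split()
        if len(parts) < 2 or parts[0] != "nameserver":
            continue  # comments (# or ;), search/options lines, blanks
        try:
            servers.append(ipaddress.ip_address(parts[1].split("%")[0]))
        except ValueError:
            continue  # malformed entry
    return servers

def audit_resolvers(text, expected):
    """Label each resolver 'expected', 'local' or 'unexpected'."""
    allow = {ipaddress.ip_address(a) for a in expected}
    report = {}
    for ip in parse_nameservers(text):
        if ip in allow:
            label = "expected"
        elif any(ip.version == n.version and ip in n for n in LOCAL_NETS):
            label = "local"       # router/stub: verify on the router's own setup page
        else:
            label = "unexpected"  # public resolver nobody assigned: investigate
        report[str(ip)] = label
    return report

if __name__ == "__main__":
    for addr, label in audit_resolvers(SAMPLE_RESOLV_CONF, EXPECTED_RESOLVERS).items():
        print(f"{addr:15} {label}")
```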

In order to mitigate damage in the case of compromise, you’ll need to make sure that your router matches the specifications set by the manufacturer. To do this, make sure you:

  • Promptly install firmware updates: Keeping your router’s firmware up-to-date will assist you in keeping your router secure.
  • Disable remote access: By disabling the capacity for your router to be accessed remotely, you prevent the chance of someone changing the settings without your knowledge.
  • Disable UPnP: While there is definitely some convenience to be had with the assistance of plug and play capabilities, UPnP could lead to your router becoming infected, as it is predisposed to trust any requests it receives.
  • Change your access credentials: A simple means of upping your security is to change your access credentials away from the router defaults.

If you want to know more about your cybersecurity, the professionals at Network Solutions Unlimited are here to help you keep your network and infrastructure safe. Call us at 217-428-6449.
