Login | Register 
Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Subscribe to this blog post
Print

Your Router Can Host Some Pretty Nasty Malware

Total Tech Care Blog
0 Comments
Your Router Can Host Some Pretty Nasty Malware

Hundreds of millions of people use wireless Internet connections every day, and as a result, hackers are taking that as a challenge. They are now starting to develop malware that targets people through their routers. Recently, security researchers at Kaspersky Lab have discovered the malware named Slingshot. The code is designed to spy on PCs through a multi-layer attack that targets MikroTik routers. Today we take a look at Slingshot, and other router-based malware and what you can do about it.

Slingshot
Slingshot works by replacing a library file with a malicious version that downloads more malicious components and then eventually launches a two-front attack on the computers connected to it. The first one runs low-level kernel code that gives an intruder free rein of a system, while the other focuses on the user level and includes code to manage the file system and keep the malware alive.

It is a very intricate attack that calls the nefarious code in from an encrypted virtual file system; managing to do so without crashing the host system, a feat not lost on the security experts at Kaspersky Lab, who deemed it a state-sponsored attack because of the quality of the overall attack and the complexity of its components. Reports suggest that the malware can basically steal whatever it wants, including keyboard strokes, passwords, screenshots, and information about network usage and traffic.

MikroTik has announced that they have patched the vulnerability on versions of their routing firmware, but concerns remain as no one is sure if other router manufacturers have been affected. If that were to come to fruition, Slingshot could be a much larger problem than is currently believed.

Other Instances
Slingshot isn’t the first instance of a router turning on its owner. Traditionally, router security is known to be largely unreliable. Much of this is on the manufacturers, which have been known to build many different products without having a strategy in place to keep them working with up-to-date security. It is also up to the user to keep their router’s firmware up-to-date - something that is very easy to not keep top-of-mind. Plus, some routers make firmware updates time-consuming and difficult.

To attack the network, hackers seek to change the DNS server setting on your router. When you try to connect to a secure website, the malicious DNS server tells you to go to an elaborately constructed phishing site instead. By spoofing the domain and rerouting you to a website that is specifically constructed to take advantage of you, you have very little chance of warding off the attack before it’s too late.

Hackers have also been known to inject all types of user hindrances such trying to perform drive-by downloads, or inundating users with advertisements. Many attacks make use of cross-site request forgery attacks where a malicious actor creates a rogue piece of JavaScript that repeatedly tries to load the router’s web-admin page and change the router’s settings.

What to Do If This Happens to You
The first thing you should do is work to ascertain if your router has been compromised. You can do this in several ways, but the most telling is that your DNS server has been changed. You’ll have to access your router's web-based setup page. Once in, you have to visit the Internet connection screen. If your DNS setting is set to automatic, you are in the clear. If it’s set to “manual”, however, there will be custom DNS servers entered in the space. Many times, this is the first sign of a problem.

If you have been compromised, ensuring your router is set up to your manufacturer’s specifications will help you mitigate damage. To ward against this happening to you, you should always:

  • Install firmware updates: Making sure your router’s firmware is updated to the latest version will definitely help.
  • Disable remote access: Stop remote access to secure against anyone changing settings on your networking equipment.
  • Turn off UPnP: Plug and play can be very convenient, but your router could be affected through UPnP if there is any malware on the network since it is designed to universally trust all requests.
  • Change credentials: Changing your passwords are a simple way of keeping unwanted entities out of your router.

For more information about network and cybersecurity, the expert technicians at Total Tech Care are accessible and ready to help you keep your network and infrastructure secure. For help, call us at 866-348-2602.

Tweet
Tags:
Malware Router Wireless Internet
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 03 December 2024
If you'd like to register, please fill in the username, password and name fields.

Blog Categories

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Efficiency Software Network Security Business Google Internet Microsoft Email Malware Backup Workplace Tips Innovation User Tips Data Computer Mobile Devices IT Services Hardware Android VoIP Disaster Recovery communications Smartphones Communication IT Support Business Continuity Miscellaneous Smartphone Mobile Device Browser Small Business Network Collaboration Productivity Cybersecurity Quick Tips Users Business Management Phishing Managed IT Services Windows Upgrade Outsourced IT Data Backup Ransomware Windows 10 Server Save Money Data Recovery Cloud Computing Office Passwords Windows 10 Gadgets Chrome Social Media Virtualization Tech Term Saving Money Holiday Microsoft Office Automation Managed Service Managed IT Services Operating System Facebook Artificial Intelligence Computers Cybercrime Internet of Things Hacking Wi-Fi Health BYOD Mobile Device Management Networking IT Support Managed Service Provider Telephone Systems Alert Information Technology Information Remote Spam Covid-19 Office 365 Social Engineering Mobility Recovery Employer-Employee Relationship Router Bandwidth BDR App Big Data History Password Money Mobile Computing Human Resources Encryption Data Breach Applications Application Remote Monitoring Law Enforcement Private Cloud How To Office Tips Blockchain Paperless Office Managed IT Training VPN Data Storage Apps Patch Management Remote Computing Mobile Office Government Wireless Bring Your Own Device Data Management Work/Life Balance Gmail Flexibility Settings Marketing Vulnerability Infrastructure Windows 7 WiFi Voice over Internet Protocol Word IT solutions Two-factor Authentication Entertainment Website Google Drive Budget Servers Mouse HaaS Avoiding Downtime Data Security RMM Risk Management Hacker Save Time Staff The Internet of Things Software as a Service Telephone System Lithium-ion battery Machine Learning Cleaning Connectivity Remote Work Conferencing Firewall End of Support Scam Physical Security Education Virtual Reality Apple Safety HIPAA Vendor USB Sports Vendor Management Social Redundancy Managed Services Keyboard Display Data Protection User Error Meetings Employee/Employer Relationship Excel Samsung Robot Content Management Business Technology Document Management Computing Access Control Solid State Drive Biometrics Wireless Technology Value How to Virtual Desktop Downtime Virtual Assistant Electronic Medical Records Authentication Spam Blocking DDoS Data storage Automobile Hiring/Firing SharePoint Digital Signage Virus Computing Infrastructure Update Unified Threat Management Going Green Computer Accessories Customer Service Procurement Environment Google Docs Workplace Strategy Net Neutrality Identity Theft Business Intelligence Battery Fax Server Help Desk Shadow IT Worker Printing Legal Audit IT Management Printer SaaS Augmented Reality Bluetooth Internet Exlporer Botnet Fraud IT Plan Managed Services Provider Remote Worker Network Congestion PDF eWaste Database Unsupported Software Cryptocurrency Remote Workers IT Consultant Proactive IT Charger Processor Best Practice Compliance Comparison YouTube Humor OneNote Computer Care Wearable Technology Black Market Retail Hard Drive CES Hard Drives Current Events Instant Messaging Telephony Root Cause Analysis Consultant Running Cable Copiers Wire Search 5G Evernote iPhone Memory HBO Travel Knowledge Analytics Quick Tip Music Ergonomics Printers Smartwatch Skype Millennials Data loss Best Available Development Smart Office OLED Wireless Charging Virtual Machine Files Outlook WIndows 7 Leadership PCI DSS Troubleshooting 2FA Virtual Private Network Fiber Optics Employee Start Menu Workforce Chromecast Science Screen Mirroring Loyalty Messaging Cabling Cables Hypervisor Colocation Frequently Asked Questions Uninterrupted Power Supply Policy Books Dark mode Project Management Trend Micro Nanotechnology Mobile Telecommuting Windows 10s Cast Distributed Denial of Service SMS Customer Relationship Management Default App Cortana Monitor Saving Time Digital Signature Analyitcs Tip of the week User webinar PowerPoint Procedure Emergency Windows Media Player dark theme Employer Employee Relationship Warranty Shopping Programming Google Search Professional Services Public Cloud Google Apps Reputation Streaming Media Assessment AI HVAC IT Infrastructure Content Analysis Bing Windows Server 2008 Managing Stress Tech Support FinTech Administrator Antivirus Social Network Devices Techology Tools Laptop Customers Windows 8 Television Cameras Enterprise Content Management Investment MSP Audiobook IT service Employee/Employer Relationships Accountants Employees Windows 365 Microchip Thought Leadership ISP Credit Cards Touchpad Password Manager Tablet Public Computer Video Conferencing Password Management ROI Politics Domains Bitcoin Advertising Shortcuts Regulations Multi-Factor Security Sales Transportation Point of Sale Rootkit Search Engine Personal Twitter Cryptomining Computer Fan Business Mangement Notifications Printer Server IaaS Supply Chain Management NIST Maintenance Batteries Smart Tech Bloatware Trending Workers Monitoring Benefits FENG Windows 8.1 Digitize Addiction Amazon Recycling Relocation Tablets IBM Windows Server 2008 R2 Customer relationships Smart Technology Wiring Practices Entrepreneur Flash Email Best Practices IT Assessment Cache Video Games Manufacturing Amazon Web Services Criminal Software Tips Supercomputer Safe Mode Worker Commute Shortcut Computer Tips GDPR Experience Managed IT Service Hosted Computing Cost Management Security Cameras Sync Emails Virtual CIO OneDrive Wireless Internet Scalability Social Networking Biometric Security Online Shopping Peripheral File Sharing Business Owner Digital Security Cameras Two Factor Authentication Camera Using Data Inventory Specifications NarrowBand Netflix

      Top Blog

      Taking a Vacation From Your Technology While On Vacation Can Actually Make Things Worse
      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      Read More
      QR-Code