Contact Us Today! 800-626-8277

One World Technology Inc. Blog

One World Technology Inc. has been serving the Medina area since 2012, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Router Can Host Some Pretty Nasty Malware

Your Router Can Host Some Pretty Nasty Malware

Hundreds of millions of people use wireless Internet connections every day, and as a result, hackers are taking that as a challenge. They are now starting to develop malware that targets people through their routers. Recently, security researchers at Kaspersky Lab have discovered the malware named Slingshot. The code is designed to spy on PCs through a multi-layer attack that targets MikroTik routers. Today we take a look at Slingshot, and other router-based malware and what you can do about it.

Slingshot
Slingshot works by replacing a library file with a malicious version that downloads more malicious components and then eventually launches a two-front attack on the computers connected to it. The first one runs low-level kernel code that gives an intruder free rein of a system, while the other focuses on the user level and includes code to manage the file system and keep the malware alive.

It is a very intricate attack that calls the nefarious code in from an encrypted virtual file system; managing to do so without crashing the host system, a feat not lost on the security experts at Kaspersky Lab, who deemed it a state-sponsored attack because of the quality of the overall attack and the complexity of its components. Reports suggest that the malware can basically steal whatever it wants, including keyboard strokes, passwords, screenshots, and information about network usage and traffic.

MikroTik has announced that they have patched the vulnerability on versions of their routing firmware, but concerns remain as no one is sure if other router manufacturers have been affected. If that were to come to fruition, Slingshot could be a much larger problem than is currently believed.

Other Instances
Slingshot isn’t the first instance of a router turning on its owner. Traditionally, router security is known to be largely unreliable. Much of this is on the manufacturers, which have been known to build many different products without having a strategy in place to keep them working with up-to-date security. It is also up to the user to keep their router’s firmware up-to-date - something that is very easy to not keep top-of-mind. Plus, some routers make firmware updates time-consuming and difficult.

To attack the network, hackers seek to change the DNS server setting on your router. When you try to connect to a secure website, the malicious DNS server tells you to go to an elaborately constructed phishing site instead. By spoofing the domain and rerouting you to a website that is specifically constructed to take advantage of you, you have very little chance of warding off the attack before it’s too late.

Hackers have also been known to inject all types of user hindrances such trying to perform drive-by downloads, or inundating users with advertisements. Many attacks make use of cross-site request forgery attacks where a malicious actor creates a rogue piece of JavaScript that repeatedly tries to load the router’s web-admin page and change the router’s settings.

What to Do If This Happens to You
The first thing you should do is work to ascertain if your router has been compromised. You can do this in several ways, but the most telling is that your DNS server has been changed. You’ll have to access your router's web-based setup page. Once in, you have to visit the Internet connection screen. If your DNS setting is set to automatic, you are in the clear. If it’s set to “manual”, however, there will be custom DNS servers entered in the space. Many times, this is the first sign of a problem.

If you have been compromised, ensuring your router is set up to your manufacturer’s specifications will help you mitigate damage. To ward against this happening to you, you should always:

  • Install firmware updates: Making sure your router’s firmware is updated to the latest version will definitely help.
  • Disable remote access: Stop remote access to secure against anyone changing settings on your networking equipment.
  • Turn off UPnP: Plug and play can be very convenient, but your router could be affected through UPnP if there is any malware on the network since it is designed to universally trust all requests.
  • Change credentials: Changing your passwords are a simple way of keeping unwanted entities out of your router.

For more information about network and cybersecurity, the expert technicians at One World Technology Inc. are accessible and ready to help you keep your network and infrastructure secure. For help, call us at 800-626-8277.

Save the Date: Microsoft Products End of Life
Know Your Tech: Cache
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, June 18 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Privacy Best Practices Cloud Technology Network Security Business Computing Managed IT Services Hackers Backup Hosted Solutions Malware Software Google VoIP Outsourced IT Microsoft Business Business Continuity Email Disaster Recovery Data Data Backup IT Support Windows 10 Mobile Devices Efficiency Saving Money Smartphones Android Cloud Computing Cybercrime Ransomware Data Recovery Communications Internet Innovation Productivity IT Services Browser Hardware Small Business Alert Computers Internet of Things Computer Office Business Management Server Smartphone Managed IT Virtualization Cybersecurity Law Enforcement Tech Term BDR User Tips Artificial Intelligence Telephone Systems Chrome Passwords Mobility Collaboration How To Work/Life Balance Communication Productivity Data Security Data Protection Social Media Mobile Device Management Health Avoiding Downtime Wi-Fi Save Money Flexibility Holiday Business Intelligence Hacking Phishing Office Tips Windows App Quick Tips Router Remote Monitoring Money Password Social Engineering Managed IT Services Facebook Firewall Office 365 Budget Private Cloud Recovery Redundancy Big Data Upgrade Automation Document Management Two-factor Authentication Data Breach HaaS Bring Your Own Device Miscellaneous Bandwidth Value Apps Information Technology Compliance Network Connectivity Identity Theft Applications Word Spam Gadgets Vulnerability BYOD Mobile Device Proactive IT Data loss Business Owner Hiring/Firing Infrastructure Public Cloud Keyboard Comparison Cleaning Save Time Update Entertainment Computer Care Black Market Data Storage Employer-Employee Relationship Computing Infrastructure PDF Remote Computing Marketing Patch Management Google Drive Government USB Windows 10 Scam Automobile Website Worker VPN Risk Management Workplace Tips Windows 7 OneNote Battery Solid State Drive History IT Management Data Management End of Support SaaS Spam Blocking Two Factor Authentication CES IT Plan Training Operating System Content Management Unsupported Software Microsoft Office Legal HIPAA Credit Cards Electronic Medical Records Workers Charger Managed Service Provider Smart Tech Content Filtering Public Computer Insurance Users Amazon Audit Network Congestion Staff Content Emails Wireless Technology Sports Outlook Unified Threat Management Practices Amazon Web Services Shadow IT Sync Password Manager Screen Mirroring Software as a Service Devices Employer Employee Relationship Books Hybrid Cloud Humor Digital Signature HBO Audiobook Smart Office Frequently Asked Questions Telephony Hosted Computing Experience Online Shopping Computer Fan Business Mangement Cast Leadership Thought Leadership Computer Accessories Colocation Encryption Specifications Video Games Paperless Office Excel Skype Safety Inventory Music Evernote The Internet of Things Emergency Gmail Streaming Media Bluetooth Strategy Millennials Netflix Tip of the week Samsung Start Menu Access Control Wearable Technology Wireless Charging FENG Recycling Google Docs Content Filter hacker Analysis Workforce Settings Scalability Windows Server 2008 Mobile Networking Hard Drives Files Authentication Fiber-Optic eWaste Data Warehousing webinar Storage Internet Exlporer Telecommuting Loyalty Professional Services IBM Nanotechnology Troubleshooting Cables Transportation Downtime Criminal Voice over Internet Protocol Conferencing Rootkit Accountants Politics Remote Work Instant Messaging Machine Learning Regulations Education Tools Supercomputer User Error Unified Communications Benefits Multi-Factor Security IT Support Addiction Internet exploMicrosoft Apple YouTube Root Cause Analysis Hosted Solution Theft Smart Technology Trending Cache Vendor Management Assessment Wireless iPhone IoT Windows 10s Search Servers Virtual Reality Botnet Current Events Techology Cortana Blockchain Software Tips Lifestyle Best Practice Wireless Internet Advertising Television Fraud How to Flash Meetings Worker Commute Travel Knowledge Google Apps Relocation Human Resources Physical Security Mobile Computing Wire HVAC Webinar IT solutions WiFi Students Healthcare Electronic Health Records Twitter CrashOverride Robot Company Culture Managing Stress

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *