Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
Whatever your position in our current political world..this is simple..off...and then back on:
"Hoping to thwart a sophisticated malware system linked to Russia that has infected hundreds of thousands of internet routers, the F.B.I. has made an urgent request to anybody with one of the devices: Turn it off, and then turn it back on.
The malware is capable of blocking web traffic, collecting information that passes through home and office routers and disabling the devices entirely, the bureau announced on Friday.
A global network of hundreds of thousands of routers is already under the control of the Sofacy Group, the Justice Department said last week. That group, which is also known as A.P.T. 28 and Fancy Bear and believed to be directed by Russia’s military intelligence agency, hacked the Democratic National Committee ahead of the 2016 presidential election, according to American and European intelligence agencies."
could this be a false flag ? imagine what would happen if computers went down all over the place - pure havoc. would be a great way to shift blame and we already know that our intelligence agencies can put something on someones computer and make it look like someone else did it. the financial markets are poised to break soon... just saying... stuxnet??
Definitely turn off the Remote Management function if you are familiar with your router settings.
Also, change the password.
The FBI has seized one "master" server that the app reported to, so that means the Russians don't get the info from many of these malware infections. However, they have unlimited resources and are likely to just keep changing servers.
As a web admin for 22 years I almost always find that bad actors have been from Russia or nearby (Ukraine hosts some, but not sure how accurate some IP's are)...
One wonders when we are going to consider attacks as being real attacks. These types of situations are an Act of War. Instead, we just play cat and mouse.
Russia doesn't have their top level military and intelligence services doing this stuff for entertainment...they have specific goals in mind. You know, like swinging elections and/or putting out misinformation. With smaller countries (Ukraine, etc.) they can cut off internet services for critical periods.
I seem to remember legislation which defined true cyber warfare as warfare. I wonder why we just put up with it?
Definitely turn off the Remote Management function if you are familiar with your router settings.
Also, change the password.
The FBI has seized one "master" server that the app reported to, so that means the Russians don't get the info from many of these malware infections. However, they have unlimited resources and are likely to just keep changing servers.
As a web admin for 22 years I almost always find that bad actors have been from Russia or nearby (Ukraine hosts some, but not sure how accurate some IP's are)...
One wonders when we are going to consider attacks as being real attacks. These types of situations are an Act of War. Instead, we just play cat and mouse.
Russia doesn't have their top level military and intelligence services doing this stuff for entertainment...they have specific goals in mind. You know, like swinging elections and/or putting out misinformation. With smaller countries (Ukraine, etc.) they can cut off internet services for critical periods.
I seem to remember legislation which defined true cyber warfare as warfare. I wonder why we just put up with it?
I think we put up with it--if we really do, I would hope that there is some opposition by us behind the scenes---because of the defuse nature of hacking groups..this provides just enough of a fig leaf..that our govt. is unwilling to go full out.
There is also the sobering issue..that we may be afraid that we might actually lose..or at least be severely damaged, by a full out, gloves-off cyber war.
Rebooting removes the payload but won't remove the initial infection.
Quote:
Q: If I own an affected device, what should I do?
A: Users of affected devices are advised to reboot them immediately. If the device is infected with VPNFilter, rebooting will remove Stage 2 and any Stage 3 elements present on the device. This will (temporarily at least) remove the destructive component of VPNFilter. However, if infected, the continuing presence of Stage 1 means that Stages 2 and 3 can be reinstalled by the attackers.
You should then apply the latest available patches to affected devices and ensure that none use default credentials.
Of course, if for example the NSA was distributing mal ware to routers in the US that required a hard reset (and couldn't force one because a hard reset has been secured to only be performed by physical access). Then having the FBI issue an advisory over nebulous concerns is likely to achieve their goals.
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.
Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
