List of VPNFilter botnet hacked routers (UPDATED 6/7)

FBI says to Reboot and patch now!

 

At least half a million routers and storage devices in dozens of countries around the world have been infected by a sophisticated botnet, in preparation for an alleged planned cyber attack on Ukraine.

The US Federal Bureau of Investigation (FBI) has obtained court orders and has taken control of the command and control servers of a massive botnet of over 500,000 devices, known as the VPNFilter botnet. The existence of this massive threat came to light yesterday when Cisco Talos published a report about VPNFilter infecting over 500,000 routers and NAS devices across the world.

FBI asks users to reset devices to get a list of victims

With the domain firmly in its grasp, the FBI is now asking users across the world who own affected routers and NAS devices to reset their equipment.

The reasoning, according to the FBI, is to make these devices reconnect to the command and control server, giving the FBI a full insight into the botnet’s real size.

The FBI plans to use this knowledge to create a list of vulnerable devices and notify ISPs, private and public sector partners that can deal with the infected devices.

Owners of the following types of devices are vulnerable to the VPNFilter malware, and should reboot their devices, based on the FBI’s advice:

Owners of the following types of devices are vulnerable to the VPNFilter malware, and should reboot their devices, based on the FBI’s advice:

Asus Devices:
RT-AC66U (new)
RT-N10 (new)
RT-N10E (new)
RT-N10U (new)
RT-N56U (new)
RT-N66U (new)

D-Link Devices:
DES-1210-08P (new)
DIR-300 (new)
DIR-300A (new)
DSR-250N (new)
DSR-500N (new)
DSR-1000 (new)
DSR-1000N (new)

Huawei Devices:
HG8245 (new)

Linksys Devices:
E1200
E2500
E3000 (new)
E3200 (new)
E4200 (new)
RV082 (new)
WRVS4400N

Mikrotik Devices:
CCR1009 (new)
CCR1016
CCR1036
CCR1072
CRS109 (new)
CRS112 (new)
CRS125 (new)
RB411 (new)
RB450 (new)
RB750 (new)
RB911 (new)
RB921 (new)
RB941 (new)
RB951 (new)
RB952 (new)
RB960 (new)
RB962 (new)
RB1100 (new)
RB1200 (new)
RB2011 (new)
RB3011 (new)
RB Groove (new)
RB Omnitik (new)
STX5 (new)

Netgear Devices:
DG834 (new)
DGN1000 (new)
DGN2200
DGN3500 (new)
FVS318N (new)
MBRN3000 (new)
R6400
R7000
R8000
WNR1000
WNR2000
WNR2200 (new)
WNR4000 (new)
WNDR3700 (new)
WNDR4000 (new)
WNDR4300 (new)
WNDR4300-TN (new)
UTM50 (new)

QNAP Devices:
TS251
TS439 Pro
Other QNAP NAS devices running QTS software

TP-Link Devices:
R600VPN
TL-WR741ND (new)
TL-WR841N (new)

Ubiquiti Devices:
NSM2 (new)
PBE M5 (new)

Upvel Devices:
Unknown Models* (new)

ZTE Devices:
ZXHN H108N (new)

Here are some general tips about how to better harden your IoT security:

Ensure all default passwords are changed to strong passwords.
Make sure all your devices have the latest security updates and patches on a daily basis.
Always set passwords to new devices and routers. Do not use the default passwords these devices come with.
Keep in mind that every device that connects to the internet has the possibility of being hacked giving the hackers access to your entire network. Make sure every connected device you purchase also comes with some type of security.

Reach out to an MDS expert now and we will get back to you shortly!

About MDS

Updating your IT Infrastructure doesn't have to be a do-it-yourself project. 

With MDS, you can focus on growing your business while we take care of the technology. Our engineers go beyond standard canned offerings by creating end-to-end project solutions tailored to fit your organization's specific needs. 

MDS experts are available 24/7 and have a wide range of skills that allow you to harness the power of a large IT team, without the overhead.

 

Upcoming Events

August 22, 2018
Black Market LIVE! with Armor

Contact Us

NYC Headquarters
307 W. 38th Street, Suite 1801
New York, NY 10018

Tel
646-744-1000
Email: 
contactus@mdsny.com

NYC | FL | TX | PR

Share This