Initiatives pour
En tant qu'autorité nationale en matière de cybersécurité, le CCB a développé plusieurs initiatives destinées à des publics spécifiques, qui sont présentées ici.
VPNFilter malware targets networking devices worldwide
Image
Publié : 31/05/2018
Reference:
Advisory #2018-018
Version:
1.0
Affected software:
consumer-grade routers made by Asus,D-Link,Huawei,Linksys, MikroTik, Netgear, TP-Link,Ubiquiti,Upvel,ZTE and network-attached storage devices from QNAP. The device lists on the Talos and Symantec blog posts are incomplete, it is possible more device types
Type:
IoT botnet
Sources
https://blog.talosintelligence.com/2018/05/VPNFilter.html
https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware
https://www.bleepingcomputer.com/news/security/nation-state-group-hacked...
Risks
The malware is capable of file collection, command execution, data exfiltration, device management, theft of website credentials, monitoring of Modbus SCADA protocols and self destruct. The self destruct function can damage the router.
Description
Researchers of Cisco Talos Intelligence have discovered an advanced malware infecting consumer grade routers worldwide. The malware has advanced capabilities for performing large scale attacks as well as intercepting and exfiltrating local traffic. List of affected router models can be found on the Talos Intelligence blog, please not that this list may still be incomplete.
Recommended Actions
Perform a factory reset and reconfigure the device.
Upgrade the firmware as soon as updates are available.
Due to the potential for destructive action by the threat actor, we recommend that these actions be taken for all SOHO or NAS devices, whether or not they are known to be affected by this threat.
More Information
Version history
1.0 Initial document
1.1 Update to vendors affected