06-13-2018 02:28 PM
'Just came across an alarming but very informative article about the Russian router malware known as VPNFilter :
https://www.imore.com/vpnfilter-malware
My question is, should Telus home services subscribers be concerned about this troubling development and - if so - what steps should we take to protect ourselves? 'Would love it if a Telus rep could answer this ...
06-13-2018 04:06 PM
Better article including FAQ (scroll down): https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware
There are a number of antivirus programs out there that will detect the malware as a variant of Linux.VPNFilter so it should be detectable if present.
The malware appears to be mainly affecting older routers though it is difficult for security researchers to detect remotely. Since Telus' gateways are updated regularly, they are less likely to be affected. Actiontec is not included in the list of affected devices. The attack requires specific software to be present on the router and not all routers have it.
One main thing the malware looks for is a router that is still using the default password. If you previously have changed the default password on your router, that will reduce your chances of getting affected.
06-14-2018 04:28 AM
Users of the Actiontec modem/router should be OK as there is a notice on the Actiontec site that says their devices are safe from VPNFilter.