On behalf of the entire MeloTel team, we’d like to forward along a public service announcement that was released by the United States Federal Bureau of Investigation last Friday. It involves a critical security notice that is related to the vulnerabilities in many residential and small business routers deployed all over the world.
According to the FBI, Russian computer hackers have compromised hundreds of thousands of computers around the world. To stop the spread of Russian malware, the FBI is advising everyone in the world to reboot their routers.
“The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices,” reads the public service announcement. “Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.”
As reported by Jessica Vomiero of Global News, computer hackers have used “VPNFilter” malware to target at least a half million small-office and home-office routers in 54 different countries. The malware can perform a variety of functions, including collecting information, blocking network traffic and exploiting devices in other ways.
As the FBI warns, “VPNFilter is able to render small office and home office routers inoperable. The malware can potentially also collect information passing through the router. Detection and analysis of the malware’s network activity is complicated by its use of encryption and misattributable networks.”
Here are the answers to a couple of Frequently Asked Questions surrounding this issue:
VPNFilter is a multi-staged piece of malware. Stage 1 is installed first. It maintains a persistent presence on the infected device and contacts a command and control (C&C) server to download further modules.
Stage 2 contains the main payload and is capable of file collection, command execution, data exfiltration, and device management. It also has a destructive capability and can effectively “brick” the device if it receives a command from the attackers. It does this by overwriting a section of the device’s firmware and rebooting, rendering it unusable.
There are several known Stage 3 modules, which act as plugins for Stage 2. These include a packet sniffer for spying on traffic that is routed through the device, including theft of website credentials and monitoring of Modbus SCADA protocols. Another Stage 3 module allows Stage 2 to communicate using Tor.
Reboot your device immediately. If the device is infected with VPNFilter, rebooting will remove Stage 2 and any Stage 3 elements present on the device. This will, at least, temporarily remove the destructive component of VPNFilter. However, if infected, the continuing presence of Stage 1 means that Stages 2 and 3 can be reinstalled by the attackers. You should then apply the latest available patches to affected devices and ensure that none use default credentials.
For more information about what to do if your computer is hacked, please don’t hesitate to contact MeloTel at 1-888-MELOTEL or use the Live Chat feature on our website!