Symantec has announced VPNFilter Check, a free online tool designed to help individuals and organisations quickly and simply determine if a router may be impacted by VPNFilter malware.
“VPNFilter poses a very serious threat to both consumers and businesses including injecting malware and the stealing of passwords and other confidential data,” said Greg Clark, CEO,Symantec.
“More than half a million routers are suspected to have been infected with VPNFilter and we urge the public to take action to determine if their own home router has been infected.”
First reported in May, VPNFilter targets a wide range of IoT devices such as routers and network-attached storage (NAS) devices. VPNFilter installs a plugin which monitors and modifies web traffic sent through the infected router, allowing cyber criminals to inject malicious content, render routers inoperable or steal passwords and other sensitive user information. Symantec’s VPNFilter Check determines if traffic in your home or your company is being altered by a router infected with the threat.
“This malware is unlike most other IoT threats because it is capable of maintaining a persistent presence on an infected device, even after a reboot,” said Stephen Trilling, senior vice president and general manager, Security Analytics and Research, Symantec.
“Symantec’s online VPNFilter Check tool provides individuals and organisations with an easy way to determine if their routers have been compromised by this threat, and suggests steps they can take if infected.”
To date, VPNFilter is known to be capable of infecting enterprise and small or home office routers. The full list of impacted routers is available here. To check your router for VPNFilter, please see Symantec’s free VPNFilter Check tool here.
According to Symantec, solutions such as Norton Mobile Security, the Norton Core Secure WiFi Router and Symantec Endpoint Protection Mobile provide protection from VPNFilter. The ability of VPNFilter to monitor and alter network traffic adds to ongoing privacy concerns that have been increasingly visible with the recent deployment of the new GDPR regulations.
For more information on VPNFilter, a complete list of affected devices and best practices for both consumers and organisations, please visit the Symantec Threat Intelligence blog.