Blog: Zyxel Networks

ZYXEL Response to VPNFilter Malware

Written by Team Zyxel | 5/29/18 9:45 PM

According to CBS NEWS:

"The FBI is urging Americans to reset their internet routers, warning that Russian hackers may have infected hundreds of thousands of the devices.

The FBI recently put out a public service announcement saying "the malware is able to perform multiple functions, including possible information collection, device exploitation and blocking network traffic."

The agency has already pinpointed how the hackers got into the routers and now they want everyone to do a reboot. Officials say by turning it off and back on, it resets in a way that allows the FBI to identify the exact devices that have been infected.

A reboot should also destroy part of the malware. Experts say once you've turned the router back on, you will need to create a new, stronger password for your router.

You can read the FBI's official message HERE."

There’s currently no evidence that Zyxel devices are vulnerable to the VPNFilter malware. However, we urge all users to upgrade their devices to the latest available firmware for optimal protection.

What’s the vulnerability?

According to a disclosure by Cisco Talos, a piece of malware called VPNFilter is targeting networking devices by exploiting either their default credentials or known vulnerabilities. After a successful initial attack, an affected device downloads malicious codes onto its system remotely from the command and control (C&C) server.

What products are vulnerable?

There’s currently no evidence suggesting that Zyxel products are vulnerable to VPNFilter, and we haven’t received any report – from a customer, researcher, or other party – of the vulnerability affecting any Zyxel device.

What should you do?

  • Ensure your devices are running the latest available firmware.
  • Change the default password as soon as you log in to a new device for the first time.
  • Use strong, unique passwords for every device and change them regularly.
  • Don't enable remote access unless it's absolutely necessary.

Got a question or a tipoff?

Please contact your local service rep for further information or assistance. If you’ve found a vulnerability, we want to work with you to fix it – contact security@zyxel.com.tw and we’ll get right back to you.