路由器感染pc
Half a million routers and NAS devices are infected with v*nFilter, serious malware that can spy on network traffic and even survive a reboot.
一半的路由器和NAS设备感染了v*nFilter,这是一种严重的恶意软件,可以监视网络流量,甚至在重新启动后仍然可以幸免。
v*nFilter can only be completely removed with either a software update or a factory reset of the router. The motivations for this malware aren’t clear, but according to a Cisco blog post it’s particularly prevalent in Ukraine.
只有通过软件更新或路由器的出厂重置才能完全删除v*nFilter。 这种恶意软件的动机尚不清楚,但据思科博客文章称,它在乌克兰尤为普遍。
Symantec said in a blog post that v*nFilter is primarily targeting home and small business routers. Here’s a list of devices known to have been infected:
赛门铁克在博客中表示,v*nFilter主要针对家用和小型企业路由器。 以下是已知已被感染的设备的列表:
- Linksys E1200 Linksys E1200
- Linksys E2500 Linksys E2500
- Linksys WRVS4400N Linksys WRVS4400N
- Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072 适用于云核心路由器的Mikrotik RouterOS:版本1016、1036和1072
- Netgear DGN2200 网件DGN2200
- Netgear R6400 网件R6400
- Netgear R7000 网件R7000
- Netgear R8000 网件R8000
- Netgear WNR1000 网件WNR1000
- Netgear WNR2000 网件WNR2000
- QNAP TS251 威联通TS251
- QNAP TS439 Pro 威联通TS439 Pro
- Other QNAP NAS devices running QTS software 其他运行QTS软件的QNAP NAS设备
- P-Link R600v*n P-Link R600v*n
If you have one of these you should consider doing a factory reset. As we’ve outlined before this usually means holding down the “Reset” button for 10 seconds, but the exact instructions will vary depending on your router. Note that you’ll lose all of your custom settings by doing this, meaning you’ll need to configure everything again.
如果您有其中之一,则应考虑恢复出厂设置。 正如我们之前概述的那样,这通常意味着按住“重置”按钮10秒钟,但是具体说明会因您的路由器而异。 请注意,这样做会丢失所有自定义设置,这意味着您需要重新配置所有内容。
Be sure to make sure your router is getting security updates after the factory reset, to prevent more infections in the future. Your router is the entry point to your home network, after all, so you want to make sure it’s secure.
请确保在恢复出厂设置后确保路由器正在获取安全更新 ,以防止将来受到更多感染。 毕竟,路由器是家庭网络的入口点,因此您要确保它的安全性。
Update: The FBI seized a domain related to this malware and is recommending users reboot their routers, change their admin passwords, and disable remote administration. This won’t remove the malware completely but should prevent the attackers from activating it.
更新 :FBI 抓住了与此恶意软件相关的域,并建议用户重新启动路由器,更改管理员密码并禁用远程管理。 这不会完全删除恶意软件,但应阻止攻击者**它。
路由器感染pc