Linux Lite Forums

General => Security & Bug Fixes => Topic started by: newtusmaximus on May 28, 2018, 06:22:45 PM

Title: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: newtusmaximus on May 28, 2018, 06:22:45 PM
https://www.nytimes.com/2018/05/27/technology/router-fbi-reboot-malware.html (https://www.nytimes.com/2018/05/27/technology/router-fbi-reboot-malware.html)
Question: How would we check top see if our router had been compromised.?
Is this only a threat if you use VPN?
Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: Mart on May 29, 2018, 07:53:12 AM
Fake news.

Sleep soundly.
Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: newtusmaximus on May 29, 2018, 09:17:43 AM
Mart,
why is it fake news?  Thanks
Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: Mart on May 29, 2018, 10:49:15 AM
Dear newtusmaximus
 
I did not intend to be glib in my reply to your posting. I know that you and many others in the community will have legitimate concerns regarding the very important subject of online security.

But given all that is happening politically in America at the moment the question could also be asked why reference an article on the important subject of security tendered by this particular news organization and using these particular sources.

After all, I’m sure there’s an article somewhere in Russia (Russia is no longer a communist country, by the way) telling people to throw away their black box Windows computers because the NSA key contained within them has for years allowed the US government to illegally spy on millions of people all around the world.

Remember, virtue is a relative value.

I would certainly welcome any open source article by any neutral and unbiased security experts that would be able to substantiate the claims and opinions expressed in The New York Times article.

I hope you accept my reply in the spirit of constructiveness and goodwill with which it is intended.

As Larry King, the talk show host, says -

Question More.

Best wishes

Mart


Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: newtusmaximus on May 29, 2018, 11:52:56 AM
Your initial response was not taken as glib :)   Mine to you was enquiring, so as to learn why you thought it was fake etc. i.e to form my own judgement , and hopefully that info would be of value to to others on this forum.
 Whilst I am comfortable ( but not expert) on how to manage PC security, my knowledge of router security is minimal, other that changing from default admin passwords etc. ( and SSIDs if router allows).

Not into VPN, but ensure that router is kept up to date with any firmware changes and block ports wherever viable.

Thanks again for your input.
Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: Mart on May 29, 2018, 12:18:12 PM
Question: How would we check top see if our router had been compromised.?
Is this only a threat if you use VPN?

Hi newtusmaximus

Your original questions and concerns about router and VPN security still stand and I'm sorry if I deflected from that.

I would certainly implore anyone with real technical insight to help with this important subject.

Regards

Mart



Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: richtea on May 29, 2018, 03:24:55 PM
Mart,
why is it fake news?  Thanks

Take it straight from the horse´s mouth:

https://www.politico.com/story/2017/01/trump-calls-the-new-york-times-washington-post-dishonest-234304 (https://www.politico.com/story/2017/01/trump-calls-the-new-york-times-washington-post-dishonest-234304)
Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: ptyerman on May 30, 2018, 02:49:34 AM
Because everyone should believe anything that gingernut says? Yeah right! Anything he doesn't agree with he labels "fake news".
There has been several reports about this attack over the last month or so on several tech news sites. Ars Technica has a couple of stories about it, the most recent was only a few days ago.
This isn't the first security alert about routers either, there was a big one last year where several thousand was compromised, that was well reported and verified.
To answer the question about VPN. No it isn't just affecting VPN users, it hits beyond that and takes control of your router, there is also no non technical way of knowing if you're affected or not, so a simple router reboot is the safest way to mitigate it. Rebooting won't get rid of stage one, but it will clear stage two and three from the router. To get rid of all three you need to do a factory reset of the router, that clears everything out.
Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: newtusmaximus on May 30, 2018, 05:40:10 PM
ptyerman, By Factory Reset I presume, the paperclip insert method - hidden switch, not via the linked pc?
Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: ptyerman on May 30, 2018, 07:29:42 PM
Yes, either that or go in to the router settings and select factory reset if the router has that option, most do that I have used.
A factory reset is the only way to clear stage one out the router, although once stage two and three are cleared by a reboot it's now impossible for stage one to connect and install stage two and three again, the FBI seized the domain used for this.
The downside of doing a factory reset of course is it will clear ALL settings, you will have to enter your ISP login details to connect again. Make sure you know these before doing the reset.
Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: Mart on May 31, 2018, 10:28:53 AM
Ptyerman

I'm glad newtusmaximus was able to get help regarding his router concerns.

So is your advice that everyone in the community, throughout the world, urgently factory re-set their routers one day before the release of Linux lite 4.0.

If so will you be available to help individual members with any problems or glitches that may arise from the re-sets.




Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: ptyerman on May 31, 2018, 11:16:06 AM
I don't give a monkeys either way son! Wasn't my advice, I just repeated what's plastered on various sites I regularly visit. Now go learn something!
Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: Jerry on May 31, 2018, 01:16:58 PM
Be nice folks, come on.

Sent from my Mi Max using Tapatalk

Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: richtea on May 31, 2018, 01:43:35 PM
Monkeys I hear ... Let me raise you an OutlawCountry:


https://www.wikileaks.org/vault7/#OutlawCountry


So after resetting his router, Maximus may go and learn some more. And more. And more, to see what an exercise in futility it all is unless he is capable of building his own router with an ever-current, robust, resilient OS. Commercial means compromised, ipso facto.

Title: Re: F.B.I.’s Urgent Request: Reboot Your Router to Stop Russia-Linked Malware
Post by: Jerry on May 31, 2018, 10:38:51 PM
Locked, can't be civil. don't post.