[蘋果新聞]...惡意程式入侵家居辦公室 FBI籲馬上重啟路由器

toylet 發短消息加為好友 toylet 當前離線 Mr. Man-wai CHANG (張記) UID 127573 帖子 86652 精華 0 積分 18065 EPC Dollar 18065 來自 Hung Hom, Hong Kong 註冊時間 2008-10-29 最後登錄 2026-3-19 Banned	*1^# 跳轉到 »* 倒序看帖** 打印字體大小: tT 發表於 2018-5-30 22:24 \| 只看該作者 [蘋果新聞]...惡意程式入侵家居辦公室 FBI籲馬上重啟路由器提示: 作者被禁止或刪除內容自動屏蔽收藏分享 0 0

sing

進階會員

Rank: 3 Rank: 3 Rank: 3

2^#

發表於 2018-5-31 07:14 | 只看該作者

本帖最後由 sing 於 2018-5-31 07:18 編輯

聯邦調查局（FBI）促請公眾關掉路由器，再重新啟動。
toylet 發表於 2018-5-30 10:24 PM

Reboot搞得掂？
Wiki話係reset喎！
佢都有quote FBI話reboot完只係冇咗payload
轉頭咪又嚟過
唔係真係fix咗喎
https://en.m.wikipedia.org/wiki/VPNFilter

TOP

chue

特級會員

Rank: 4 Rank: 4 Rank: 4 Rank: 4

3^#

發表於 2018-5-31 09:07 | 只看該作者

可能比人有籍口買新 ROUTER

TOP

trustme133

進階會員

Rank: 3 Rank: 3 Rank: 3

4^#

發表於 2018-5-31 09:59 | 只看該作者

reboot完病毒仲健在.
好似windows咁重裝啦.
ROUTER係重置預設值.

TOP

yjfoeg

進階會員

Rank: 3 Rank: 3 Rank: 3

5^#

發表於 2018-5-31 10:40 | 只看該作者

Reboot搞得掂？
Wiki話係reset喎！
佢都有quote FBI話reboot完只係冇咗payload
轉頭咪又嚟過
唔係真係fix ...
sing 發表於 2018-5-31 07:14

條轉貼link係蘋果黎
你對蘋果有乜期望

TOP

t19922006

進階會員

Rank: 3 Rank: 3 Rank: 3

6^#

發表於 2018-5-31 17:12 | 只看該作者

本帖最後由 t19922006 於 2018-5-31 17:33 編輯

係reboot, Cisco 同Symantec 建議人reset
WiKi 唔一定正確, 個個都可以改
WiKi
On 25 May 2018, the FBI suggested instead that users simply reboot their routers. This would temporarily remove the dangerous payload of the malware, but leave it infected with Stage 1, leading it to try re-downloading the payload, infecting the router again. The FBI said that this would help them to find the servers distributing the payload.[5][6][7]

As Symantec outlines, VPNFilter is "a multi-staged piece of malware." Stage 1 makes the connection, Stage 2 delivers the goods, and Stage 3 acts as plugins for Stage 2. "These include a packet sniffer for spying on traffic that is routed through the device, including theft of website credentials and monitoring of Modbus SCADA protocols. Another Stage 3 module allows Stage 2 to communicate using Tor."

VPNFilter "is unlike most other IoT threats because it is capable of maintaining a persistent presence on an infected device, even after a reboot," Symantec says.

Still, "rebooting will remove Stage 2 and any Stage 3 elements present on the device, [temporarily removing] the destructive component of VPNFilter. However, if infected, the continuing presence of Stage 1 means that Stages 2 and 3 can be reinstalled by the attackers."
https://www.pcmag.com/news/36143 ... o-vpnfilter-malware

TOP

kwangi

中級會員

Rank: 2 Rank: 2

7^#

發表於 2018-6-2 21:28 | 只看該作者

點check router有冇事? 同已經patch左個漏洞?

TOP

toylet 發短消息加為好友 toylet 當前離線 Mr. Man-wai CHANG (張記) UID 127573 帖子 86652 精華 0 積分 18065 EPC Dollar 18065 來自 Hung Hom, Hong Kong 註冊時間 2008-10-29 最後登錄 2026-3-19 Banned	8^# 發表於 2018-6-2 22:47 \| 只看該作者提示: 作者被禁止或刪除內容自動屏蔽

	TOP

lordvalkyrie

進階會員

Rank: 3 Rank: 3 Rank: 3

9^#

發表於 2018-6-5 10:51 | 只看該作者

咁即是文中的 "router" 不是一般家用 routers?
toylet 發表於 2018-6-2 22:47

包家用 router, 請看原文.
Cisco's Talos Intelligence Group Blog: New VPNFilter malware targets at least 500K networking devices worldwide
https://blog.talosintelligence.com/2018/05/VPNFilter.html

我係另一 post 也貼過了, reboot 懶人貼
Resetting Your Router the Paranoid (=Right) Way
https://isc.sans.edu/diary/rss/23719

TOP

[蘋果新聞]...惡意程式入侵家居辦公室 FBI籲馬上重啟路由器

[收藏此主題] [關注此主題的新回覆]

[通過 QQ、MSN 分享給朋友]