
Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Your Router Can Host Some Pretty Nasty Malware


Hundreds of millions of people use wireless Internet connections every day, and hackers have taken notice. They are now developing malware that targets people through their routers. Security researchers at Kaspersky Lab recently discovered malware named Slingshot, which is designed to spy on PCs through a multi-layer attack that targets MikroTik routers. Today we take a look at Slingshot and other router-based malware, and at what you can do about it.

Slingshot
Slingshot works by replacing a library file with a malicious version that downloads more malicious components and then eventually launches a two-front attack on the computers connected to it. The first one runs low-level kernel code that gives an intruder free rein of a system, while the other focuses on the user level and includes code to manage the file system and keep the malware alive.

It is a very intricate attack that calls the nefarious code in from an encrypted virtual file system and manages to do so without crashing the host system. That feat was not lost on the security experts at Kaspersky Lab, who deemed it a state-sponsored attack because of the quality of the overall attack and the complexity of its components. Reports suggest that the malware can steal basically whatever it wants, including keystrokes, passwords, screenshots, and information about network usage and traffic.

MikroTik has announced that it has patched the vulnerability in versions of its routing firmware, but concerns remain because no one is sure whether other router manufacturers have been affected. If they have, Slingshot could be a much larger problem than is currently believed.

Other Instances
Slingshot isn’t the first instance of a router turning on its owner. Traditionally, router security is known to be largely unreliable. Much of this is on the manufacturers, which have been known to build many different products without a strategy in place to keep them working with up-to-date security. It is also up to the user to keep their router’s firmware up to date, which is very easy to forget. Plus, some routers make firmware updates time-consuming and difficult.

To attack the network, hackers seek to change the DNS server setting on your router. When you try to connect to a secure website, the malicious DNS server tells you to go to an elaborately constructed phishing site instead. Because the domain is spoofed and you are rerouted to a website specifically constructed to take advantage of you, you have very little chance of warding off the attack before it’s too late.

Hackers have also been known to inject all types of user hindrances, such as trying to perform drive-by downloads or inundating users with advertisements. Many attacks make use of cross-site request forgery, where a malicious actor creates a rogue piece of JavaScript that repeatedly tries to load the router’s web-admin page and change the router’s settings.

What to Do If This Happens to You
The first thing you should do is work to ascertain whether your router has been compromised. You can do this in several ways, but the most telling sign is that your DNS server has been changed. You’ll have to access your router's web-based setup page. Once in, visit the Internet connection screen. If your DNS setting is set to automatic, you are in the clear. If it’s set to “manual”, however, there will be custom DNS servers entered in the space. Many times, this is the first sign of a problem.
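As a client-side complement to the router check described above, the following added example (not part of the original article) labels the DNS servers a connected computer has been handed, so a resolver nobody configured stands out. The resolv.conf-style input, the `EXPECTED_RESOLVERS` set and the sample text are assumptions made for illustration.

```python
import ipaddress

# Resolvers the network owner chose on purpose (assumption: edit for your network).
EXPECTED_RESOLVERS = {"9.9.9.9"}

# Ranges that mean "the router or this machine is answering DNS itself".
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

# Constructed sample in resolv.conf format; 203.0.113.53 is a documentation
# address standing in for a resolver nobody on the network configured.
SAMPLE = """\
# constructed sample, not from a real host
nameserver 192.168.88.1
nameserver 203.0.113.53
nameserver 9.9.9.9
nameserver not-an-ip
"""

def parse_nameservers(text):
    """Return nameserver addresses, skipping comments and invalid entries."""
    servers = []
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            try:
                # Drop an IPv6 zone suffix such as %eth0 before parsing.
                servers.append(ipaddress.ip_address(parts[1].split("%")[0]))
            except ValueError:
                continue
    return servers

def audit_resolvers(text, expected=EXPECTED_RESOLVERS):
    """Label each resolver: expected, local-forwarder, or unexpected."""
    findings = []
    for addr in parse_nameservers(text):
        if str(addr) in expected:
            status = "expected"
        elif any(addr in net for net in LOCAL_NETS):
            # The router forwards DNS; its upstream servers still need
            # checking on the router's own setup page.
            status = "local-forwarder"
        else:
            status = "unexpected"
        findings.append((str(addr), status))
    return findings

if __name__ == "__main__":
    for ip, status in audit_resolvers(SAMPLE):
        print(f"{ip:15} {status}")
```

A "local-forwarder" result does not clear the router: it only means the computer asks the router, so the router's own DNS setting still has to be checked as described above.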

If you have been compromised, ensuring your router is set up to your manufacturer’s specifications will help you mitigate damage. To ward against this happening to you, you should always:

  • Install firmware updates: Making sure your router’s firmware is updated to the latest version will definitely help.
  • Disable remote access: Stop remote access to secure against anyone changing settings on your networking equipment.
  • Turn off UPnP: Plug and play can be very convenient, but because it is designed to universally trust all requests, any malware on the network could affect your router through UPnP.
  • Change credentials: Changing your passwords is a simple way of keeping unwanted entities out of your router.

For more information about network and cybersecurity, the expert technicians at Total Tech Care are accessible and ready to help you keep your network and infrastructure secure. For help, call us at 866-348-2602.

 
