by
dengle » Wed Jun 06, 2018 3:25 pm
Hi @miken,
Your reply, "If you’ve got a Sonic owned and managed router, we keep it secure. If you own any other third party routers, you should reboot to err on the side of caution." is what I just received from support@sonic. However, I'm hearing that more drastic measures are required. First it was thought that a reboot of the router would solve it. But now I'm hearing you should reset the router to factory, which obviously Sonic support is not going to do because users will lose access to their wifi.
Quoting from a discussion at UC Berkeley:
Two very informative posts are available from Talos:
[1]
https://blog.talosintelligence.com/2018 ... ilter.html
[2]
https://blog.talosintelligence.com/2018 ... pdate.html
The FBI has released an announcement on May 23 - recommending rebooting devices:
[3]
https://www.justice.gov/opa/pr/justice- ... t-infected
However, based on information from Talos, rebooting is ineffective in removal - as one stage of VPNFilter is known to survive reboots.
Talos recommends reseting to factory default, applying all pending firmware updates and using a strong password for the admin user.
Talos released a longer list of known affected devices today (see [2] above).