NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

DERoss's avatar
DERoss
Apprentice
May 23, 2018
Solved

VPNFilter Destructive Malware

Windows 7 Netgear N300 Wireless Router Model WNR2000v5 Firmware V1.0.0.64  GUI V1.0.0.204   US-CERT (an agency within the U.S. Department of Homeland Security) issued an advisory this morni...
Security
  • johngm's avatar
    johngm
    Jun 21, 2018

    You should be all set with that FW revision.   In this case we were informed by a third party and law enforcement that some unknown number of our devices including but potentially not limited to a list we were given, had been corrupted by a known hacking organization.   We were not told anything more than that, other than a reboot would either clean the device or have it identify itself to a server which had been set up by the FBI as a honey pot.   Any devices which exhibited this behavior would be handled by the FBI.  

     

    From what we could determine, we believe that our devices on current firmware releases, were probably not impacted but we simply did not have sufficient data to confirm this.   Our advice to our customers was to follow the best practices we have communicated, including changing default passwords, making sure remote management is disabled and having the product on the most recent firmware.  

     

    By following the procedure outlined you probably reset an uninfected device, but we do have to rely upon the FBI to run down any units which this remediation did not address.

     

     

johngm's avatar
johngm
NETGEAR Employee Retired
May 23, 2018

This was posted earlier today in the Security Advisories section of the MyNETGEAR web.

 

VPN Filter Security Advisory

DERoss's avatar
DERoss
Apprentice
May 31, 2018
martintechguy is quite correct.  johngm's replied with a link to a Web page that states "This article applies to:Wireless AC Router Nighthawk R7000 ".  My original message clearly stated that I was inquiring about a WNR2000v5.  Thus johngm's reply is not responsive. 
  • DERoss's avatar
    DERoss
    Apprentice
    Jun 21, 2018

    According to arstechnica.com, Netgear WNR2000 routers are indeed affected by this.  I have a Netgear WNR2000v5.  Is Netgear WNR2000v5 included in the alert about Netgear WNR2000v? 

     

    This is a simple question.  Please answer, but do not answer about a router that I do not have.  That is, do not answer about Wireless AC Router Nighthawk R7000. 

     

    • johngm's avatar
      johngm
      NETGEAR Employee Retired
      Jun 21, 2018

      Sorry for the confusion.  Due to an archaic tagging system our security advisories have to be tagged to a "specific" product and we chose the Nighthawk router for that honor on this security advisory.  If you read the content of the attached advisory, you will clearly see that it lists the router you have as being impacted.  

       

      I should have been clearer.  

       

      VPNFilter Malware Security Advisory

       

      • DERoss's avatar
        DERoss
        Apprentice
        Jun 21, 2018
        Thank you for your clarification. My settings were already according to your Web page's directions. I updated to Firmware Version V1.0.0.64 on 13 March 2018, before the VPNFilter alerts were published. Will there be a firmware update to address that malware?