Reply

What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?

Zene_Shu
Tutor

What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?

What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?

Model: R6700v2|Nighthawk AC1750 Smart WiFi Router
Message 1 of 12
antinode
Guru

Re: What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?

> What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by
> Malware?

 

   What is your evidence that it is?

 

   If you can load fresh firmware into it, then I'd expect that to
restore it to its original state, but, with my weak psychic powers, I
have no idea how it's behaving now, so I don't know if the usual
firmware load procedures (including the TFTP recovery method) would
work.

Message 2 of 12
Zene_Shu
Tutor

Re: What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?


@antinode wrote:

> What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by
> Malware?

 

   What is your evidence that it is?

 

   If you can load fresh firmware into it, then I'd expect that to
restore it to its original state,...

 

Update for Case #XXXXXX - "ESET says that my router is infected by malware"

An ESET Technical Support Representative has updated this case with the following information:

 

Hello,

Thank you for contacting ESET North America Technical Support.

With regard to your router: our vulnerability scanner can't fix these problems; that requires help from your router vendor.  Yes, as the boilerplate below suggests, rebooting the router may help, but it's only an interim solution.  Please contact your router vendor for further assistance -- it may require a firmware upgrade, or perhaps there is no fix at all, which means "Time for a new router".  Should that be the case, though, I'd (a) complain to the router vendor, and (b) making it clear that you will no longer purchase their products if they are unable or unwilling to support them.

I hope that helps; let me know if I may be of further assistance.

 

Thank you for using ESET security products,
ESET Technical Support
North America

 

Please help!


 

Message 3 of 12
Zene_Shu
Tutor

Re: What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?

Incidentally, I did update the firmware and ran the ESET scan again but the scan continues to say that my router is infected with malware. So what can I do?

Model: R6700v2|Nighthawk AC1750 Smart WiFi Router
Message 4 of 12
antinode
Guru

Re: What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?

Message 5 of 12
DarrenM
Sr. NETGEAR Moderator

Re: What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?

As antinode said to try to reflash the firmware and factory reset the unit. Also you can report all security issues here.

 

https://www.netgear.com/about/security/default.aspx

 

DarrenM

Message 6 of 12
Zene_Shu
Tutor

Re: What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?


@antinode wrote:

       https://community.netgear.com/t5/x/x/m-p/1700370


This link is of no help. I see no clues on how it might be relevant to me.

Message 7 of 12
Zene_Shu
Tutor

Re: What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?


@DarrenM wrote:

As antinode said to try to reflash the firmware and factory reset the unit.


And where are the directions on how to do that?

Message 8 of 12
DarrenM
Sr. NETGEAR Moderator

Re: What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?

Here is how to perform a factory reset 

 

https://kb.netgear.com/9665/How-do-I-perform-a-factory-reset-on-my-NETGEAR-router

 

Here is a link on how to flash the firmware via TFTP

 

https://kb.netgear.com/000059634/How-to-upload-firmware-to-a-NETGEAR-router-using-Windows-TFTP

 

DarrenM

Message 9 of 12
Zene_Shu
Tutor

Re: What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?


@DarrenM wrote:

Here is how to perform a factory reset 

 

https://kb.netgear.com/9665/How-do-I-perform-a-factory-reset-on-my-NETGEAR-router

 

Here is a link on how to flash the firmware via TFTP

 

https://kb.netgear.com/000059634/How-to-upload-firmware-to-a-NETGEAR-router-using-Windows-TFTP

 

DarrenM

 

Why doesn't NETGEAR have a page that says "Do This If Your Nighthawk AC1750 R6700v2 Router is Infected by Malware"?

 

My firmware didn't fail to update.


The stated purpose of the second link says:

 

Symptoms:

  • Router not booting up properly
  • Failed firmware update
  • Blinking power LED
  • Power LED is blinking/solid amber
  • Device bricked after performing a FW update
Message 10 of 12
Zene_Shu
Tutor

Re: What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?

I have no idea if the advice I'm getting is helpful. I still prefer a specific NETGEAR webpage that says "Do This If Your Nighthawk AC1750 R6700v2 Router is Infected by Malware".

Message 11 of 12
antinode
Guru

Re: What Can I Do if my Nighthawk AC1750 R6700v2 Router is Infected by Malware?

> [...] I still prefer a specific NETGEAR webpage that says "Do This If
> Your Nighthawk AC1750 R6700v2 Router is Infected by Malware".

 

   I wouldn't hold my breath waiting for that one.

 

   First, you have no actual proof that your "Nighthawk AC1750
R6700v2 Router is Infected by Malware".  What you have is a claim by
some program (of questionable reliability) that it has found a
vulnerability in your router.  Perhaps it has really found a real
vulnerability, but that could still be a vulnerability in the original
Netgear firmware, not some new "Malware" "infection".

 

   If you can load fresh firmware into it, and the (claimed)
vulnerability is still there, then I'd infer that any problem is in the
original Netgear firmware, not some new "Malware" "infection".

 

> And where are the directions on how to do that?


   Visit http://netgear.com/support , put in your model number, and look
for Downloads.  (For older versions, under Firmware and Software
Downloads, look for "View Previous Versions".)  Find the kit(s).
Download the kit(s) you want.  Read the "Release Notes" file for
instructions.

 

   The TFTP recovery scheme is useful if normal communication with the
router's management web site fails (or the manual firmware update
procedure there fails).  If that's not your problem, then don't worry
about TFTP.

Message 12 of 12
Top Contributors
Discussion stats
  • 11 replies
  • 1645 views
  • 3 kudos
  • 3 in conversation
Announcements

Orbi WiFi 6E