Everything you need to know about VPNFilter Malware


VPNFilter Malware:

It has been just reported that a dangerous malware called VPNFilter is targeting increasing number of makes and models of devices, with its additional capabilities like secretly injecting malicious content over web traffic through an infected router. This capability, called SSLER lets VPNFilter stage a kind of man in the middle attack, with an aim to spy on victims to steal sensitive data. Using this capability, SSLer allows the actor in delivering exploits to endpoints.

It has been found out that this malware is continuously targeting more makes and models of devices. With its additional and increased capabilities, exploits can now be delivered to end points and reboots can be overridden.


VPN Filter is a sophisticated malware which uses known vulnerabilities to infect routers made by Linksys, MikroTik, Netgear, QNAP and TP-Link. Once installed, the malware uses a central infrastructure to install specialized plug-ins on the router. One plug-in allows hackers to listen to their victims’ Internet traffic to steal their Web identifiers; another one targets a protocol used in industrial control networks, such as in the power grid. A third plug-in allows attackers to paralyze any or all infected hardware. Together, all of the infected units in dozens of countries make up a 500,000-router strong botnet.

Read about infected devices & solutions for VPNFilter attack here.


Reference by

Stay away from the Fireball Malware – Update your Antivirus

In its latest advisory, the Indian Computer Emergency Response Team (CERT-In) has warned Internet users of the Fireball malware. This post explains what this virus is all about and how you can stay away from it. What is the Fireball Malware? Fireball is a browser hijacker that attacks the victim’s web browser. It is designed to perform the following activities: Generate fraudulent clicks on advertisements to make money for the attacker Make changes to the default web browser and its settings Download and execute other malware on the infected system Spy on the victim and steal their private information How does Fireball malware spread? Fireball is being distributed with freeware programs. So, when a user installs this freeware, they may also install fireball without even knowing about it. What should be done? If you think you may have installed free software in the past and noticed unusual changes in your web browser or computer, then follow these steps: Run an antivirus scan on your computer Uninstall programs which you don’t recognise. Go to Control Panel > Programs Uninstall browser add-ons (plug-ins, extensions) which you don’t recognise or don’t remember installing Reset your Internet browsers How Quick Heal helps? Quick Heal Antivirus successfully detects and blocks the Fireball malware. It detects it as: Pua.Elex AdWare.ELEX PUP.Elex If your PC is not protected, you may install the trial version of Quick Heal and run its Anti-malware scan. Download Quick Heal – 30 day Free Trial Tips to avoid such malware Avoid installing free software, especially those that do not have verified publishers Do not click on pop-up ads when you visit less popular and unknown websites, particularly those that offer free software download Do not click on links or download attachments in unknown or unexpected emails. Keep your antivirus up-to-date Apply all recommended security updates on your computer. Keep Automatic Updates ON If this post is helpful, share this post with your friends and family.

Reference by Quick Heal