back to article Dr Symantec offers quick and painless checkup for VPNFilter menace on routers

Clean-up efforts to respond to the VPNFilter malware have accelerated with the release of a free check-up tool. Even though the utility from Symantec only looks to see if traffic has been manipulated, rather than confirming an infection, third-party experts have nonetheless welcomed its release. VPNFilter, discovered by …

  1. Captain Badmouth

    How nice to see a web page, that purports to check your router security, crawling with javascript.

    1. iron Silver badge

      And how else would you expect a web page to be able to run any check? Using just HTML or CSS?

      1. Captain Badmouth

        How many separate scripts would you say are necessary?

  2. GnuTzu Bronze badge

    Oh, the test is surly just one script, but you're still going to get all the other scripts that modern web development claims are necessary. After I enabled Javascript for that site, Ghostery found 3 trackers for advertising and one for analytics--across seven different sites providing Javascript. There's some customer service stuff in there too.

  3. Anonymous Coward
    Anonymous Coward

    VPNFilter menace on routers?

    What is VPNFilter's initial infection vector?

    1. diodesign (Written by Reg staff) Silver badge

      Re: VPNFilter menace on routers?

      The infection vector changes depending on the firmware and model - there is no definitive list, and no concrete details published TTBOMK.

      It's not believed the malware exploits any unpatched 0-day bugs - it's going after known vulnerabilities and insecure configurations (such as leaving remote administration enabled, weak passwords, etc).


  4. Captain Badmouth

    That's the problem gents, by the time you've enabled (one at a time) the first few scripts, you find the check doesn't work. Of course you look again to see a whole new shitload of other scripts waiting for your permission. I'd be more trusting if I hadn't remembered that Todd Davis (Symantec co-founder) had his identity stolen 13 times!

    Would you want to steal his identity?

  5. bolac

    Is this even possible

    I thought all those things are impossible since Windows has the Defender Exploit Guard and all that other AI-ML stuff that detects unknown malware. At least that's what the snakeoil companies are promising all the time.

    1. Androgynous Cow Herd

      Re: Is this even possible

      Home routers and IoT devices seldom if ever run Microsoft OS, so...what the hell are you thinking?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019