Some devices are unpatchable.
I won't name names, but I contacted the manufacturer of some of those devices on the list, only to be told that they are no longer in production and won't be patched... at all.... ever.
Good luck with that.
Cunning malware VPNFilter remains under active development, and is acquiring ever more dangerous features. That's the conclusion Cisco's Talos Intelligence security team reached after delving into recent samples and identifying seven “third-stage VPNFilter modules that add significant functionality to the malware”. VPNFilter …
Some may be able to find some open source firmware for their device but this is not a solution that normal users are likely to take. Most normal users just use their devices, rarely/never check for firmware updates and don't read articles about network device vulnerabilities.
if this is being spread by dodgy Android apps.
Most all Android apps scan the surrounding wifi connections and neighboring routers as well as search for any active bluetooth connections nearby.
I have seen dodgy "security" apps that actively test the DNS of the connected router that listed ALL the infected IP's from Brazil..
Wouldn't be too big a stretch for a repackaged app installed on a device that is connected to the users wifi to launch similar attacks.
(Insider threat indeed)
Biting the hand that feeds IT © 1998–2019