#48940 - 05/28/18 12:17 AM Reboot Your Router to Stop Malware
grelber Offline

Registered: 08/05/09
Loc: North of 49th

#48944 - 05/28/18 05:50 AM Re: Reboot Your Router to Stop Malware [Re: grelber]
Urquhart Offline

Registered: 08/10/17
Loc: Netherlands
What I’m missing from this and similar articles is how I would know if my router is infected. That should be testable.
And what about the older routers that haven’t seen firmware updates in many years?
My ISP-supplied ISP-custom DOCSIS 3.0 router-modem has no user control for checking or updating the firmware anyway. I can only see the cryptic versioning on the information page, and a current 25-day uptime.
Enough people have a crappy connection that has to be rebooted sort-of regularly; are they already safe? How does a reboot help anyway (wouldn’t the malware continue after reboot)?
The reporting is a bit thin, if I may say so.

#48946 - 05/28/18 12:38 PM Re: Reboot Your Router to Stop Malware [Re: Urquhart]
MG2009 Offline

Registered: 08/05/09

I cannot say with complete confidence that the issue is real or not. It LOOKS pretty authentic with the links, etc., but given all the bad PR lately with Trump, Russia, FBI changes, and the like, this could simply be a hoax or some kind of damage-control publicity stunt.

I would think IF the problem were that serious, an explanation WOULD be given as to how to check to see if one's own router were at risk in the first place. Simply turning off and on seems way too simple a solution for something which - potentially - could have very serious consequences.

Who really knows? Colour me sceptical.

#48947 - 05/28/18 03:00 PM Re: Reboot Your Router to Stop Malware [Re: MG2009]
joemikeb Offline

Registered: 08/04/09
Loc: Fort Worth, Texas
Wikipedia has an informative article on Fancy Bear, APT128, Pawn Storm, Sofacy Group, Sednit and STRONTIUM (all are apparently the same group behind the current threat) with years of documented attacks around the world as well as a non-technical description of their methods of attack. They are noted for their ability to defeat anti-malware efforts targeted at their "products" within an hour of the anti-malware's release. There is reason to believe their "products" are capable of successfully hiding from anti-malware software as well.

I don't know enough about the threat to know how it is propagated or how it works to comment knowledgeably, but there is also the possibility that, like the ongoing vulnerability of Intel, ARM, and other CPUs, a permanent "cure" or "protection" will require developing and replacing hardware, firmware, and existing internet protocols.
joemikeb • moderator

