on 30-05-2018 15:43
on 30-05-2018 15:43
https://www.draytek.com/en/download/firmware/
There's a vulnerability in some firmware versions that allows your DNS servers to be changed remotely without your knowledge.
Some ISPs have started to implement blocks on the IP addresses of the rogue DNS servers these routers are being switched to so if you have one and are having trouble accessing the 'net and have one of these routers, use the above link to download and install the latest firmware.
on 30-05-2018 16:11
on 30-05-2018 16:11
A good heads up @Anonymous. This may be related to this worldwide advisory, although Draytek isn't mentioned by name in it. https://blog.talosintelligence.com/2018/05/VPNFilter.html
The issue may well be spreading, though, so updating your router's firmware is never a bad idea.
on 30-05-2018 16:18
on 30-05-2018 16:18
Yes good advice @Bambino and @Anonymous but I'm still very sceptical about the warnings personally but that's just how I am with what I think is scare-mongering on a worldwide scale. However, people should be aware of security and all products, be it routers or phones etc, should be updated to the latest software and the security updates installed by regularly checking. Again, passwords should be difficult to guess or hack and changed at regular intervals. It is good to warn people what could happen otherwise.
on 30-05-2018 16:31
on 30-05-2018 16:31
I don't think this is scare-mongering, @jonsie. These recent warnings have been passed through every major news source, and I would presume they've done their research before putting out this advisory. They're not trying to sell anything, or get people to upgrade to new hardware. It costs nothing to update firmware, and it might protect you a little bit more. I think there are many people (myself included) who don't understand all the ways computers can be compromised, so warning users to update isn't a bad thing.
on 30-05-2018 20:10
on 30-05-2018 20:10
on 30-05-2018 22:10
You'd be shocked to find how many people don't bother installing O/S and device firmware updates because it takes time from whatever they are wanting to do so they say they'll do it later but never do and their system can become a server for bad stuff.
This is one of the reasons Microsoft went to enforced updates in Windows 10 because people weren't applying the patches.
Routers tend to be 'set and forget' and this kind of exploit is about harvesting passwords and personal info in an insdious manner.
on 30-05-2018 22:18
on 30-05-2018 22:18
@Anonymous I wouldn't be shocked in the least, which is why I posted this yesterday:
https://community.o2.co.uk/t5/Off-Topic/WARNING-HOME-ROUTER-HACK/m-p/1128071