At the end of May the Cisco Talos security team released information on a new attack on consumer network infrastructure. The attack affects dozens of models of routers commonly used in home and small business networks. It is estimated that over 500,000 devices have been infected and the threat is significant enough that the FBI released a public service announcement (Read Announcement)
New information on this malware has been released indicating that it has additional functionality for persisting through a reboot, as well as for stealing user data. Disinfecting a device will require a factory reset as well as flashing the latest firmware. SpireTech is scanning the networks of our Managed Services customers (VIP Support Program) to identify any potentially vulnerable devices and perform the necessary remediation. If you are one of our Basic Support customers (which does not include our proactive services) we would be happy to work with you to create a plan to identify if you have any vulnerable devices.
If you have any questions please feel free to reach out to us through email or at 503-222-3086 and we would be happy to help build a plan for your network.
For additional details, as well as advice for disinfecting your router and a full list of known affected routers please refer to this article by Ars Technica