Skip to content
DrKitKat's profile

New Member

 • 

1 Message

Saturday, June 9th, 2018 8:00 PM

VPNFilter malware - Is there a firmware upgrade for Cisco 3941B?

The original topic is locked - the last update was on May 29th.

This past week, there were reports that the VPNFilter Malware is worse than originally reported.

 

I understand that I'm supposed to provide my own routers, switches, firewalls, etc  because the firewall on the Cisco 3941B has some some basic settings.  I am thinking about putting the Cisco 3941B into bridge mode so that my own routers & firewalls can take care of the blocking.

On the "private" side of the Business Wireless Gateway, everything has been reset and the firmware has been upgraded. 
Before I configure bridge mode, I have a question is about the firmware version on the Business Wireless Gateway itself.    It's DOCSIS Software Version: dpc3941b-v303r20421762-180419a-CMCST. When will there be an updated version?

http://bgr.com/2018/06/07/vpnfilter-malware-security-threat-fix/

 

"Cisco discovered that the malware could perform man-in-the-middle attacks. That means the malware can inject malicious content in traffic that passes through the infected router and its targets.

Similarly, it can steal login credentials that are being transmitted between a computer and a website. The usernames and passwords can be copied and sent to servers controlled by the hackers. How is that even possible? VPNFilter downgrades HTTPS connections to HTTP, which means the malware is essentially looking to bypass encryption.

Cisco thinks that the VPNFilter threat is bigger than initially believed."

Rebooting the router may not be enough:
https://www.bleepingcomputer.com/news/security/reboot-your-router-to-remove-vpnfilter-why-its-not-enough/
"Rebooting the router will unload the Stage 2 and Stage 3 components of VPNFilter, but Stage 1 will start again after the router reboots. So while the most malicious components will be disabled, VPNFilter will still be present on your device.

The only real way to fully remove this infection is to reset your router back to factory defaults, which will also reboot the router. Unfortunately, this process will require you to setup your router again, add an admin password, and setup any wireless networks that are configured. "



Accepted Solution

Retired Employee

 • 

178 Messages

6 years ago

The vast majority of Comcast-provided residential and business gateways and modems were not impacted by the 'VPNFilter' malware.

 

For the very small number of Comcast-issued devices that may be affected, we are in the process of proactively communicating with those customers and exchanging hardware where needed