![]() ![]() Malware can attempt to connect to your router if you have a weak password or no password. Don't assume your local network can be trusted.Use a strong password and even if you do, change it now!.Do not open access to your device from the internet side to everyone, if you need remote access, only open a secure VPN service, like IPsec.Keep your MikroTik device up to date with regular upgrades.RouterOS has been recently independently audited by several third parties. There are no new vulnerabilities in these devices. We have tried to reach all users of RouterOS about this, but many of them have never been in contact with MikroTik and are not actively monitoring their devices. You must also change password, re-check your firewall if it does not allow remote access to unknown parties, and look for scripts that you did not create. If somebody got your password in 2018, just an upgrade will not help. Unfortunately, closing the old vulnerability does not immediately protect these routers. The attacker is reconfiguring RouterOS devices for remote access, using commands and features of RouterOS itself. There is no new vulnerability in RouterOS and there is no malware hiding inside the RouterOS filesystem even on the affected devices. ![]() In early September 2021 QRATOR labs published an article about a new wave of DDoS attacks, which are originating from a botnet involving MikroTik devices.Īs far as we have seen, these attacks use the same routers that were compromised in 2018, when MikroTik RouterOS had a vulnerability, that was quickly patched. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |