1020QBT Podcast: VPN Filter Analysis, Mitigation, and Impact

Verified

Added on 2023/01/18

AI Summary

This document analyzes VPN filter, a sophisticated malware designed to infect routers and network-attached storage devices. The analysis, presented as a podcast transcript for the 1020QBT course, details the malware's functionality, including its ability to impact numerous network devices, sniff data, and exfiltrate it through the Tor network. The document outlines the major attacks associated with VPN filter, its three operational stages, and the specific routers affected (e.g., ASUS, D-Link, Linksys, TP-Link). Furthermore, it discusses the malware's evolution to steal passwords and other sensitive information. The analysis highlights the importance of early detection and the use of strong passwords to mitigate threats. The document includes citations and a reference list, and the student's contribution to the group podcast, along with self and peer evaluations, are also provided to showcase the collaborative nature of the project. The project aims to educate a non-expert audience about a key issue in the field of cybersecurity and offer potential solutions.

Running head: VPN FILTER
VPN FILTER
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1VPN FILTER
This video explains about the VPN filter. VPN filter is basically a malware that is
designed for infecting the routers and certain network attached storage device. According to
the survey in the year 2018 there were 500,000 routers from all over the world were facing
the risk. The VPN filter has an ability to impact a huge number of different kinds of network
and storage devices. The video has described all the major attacks that has taken place with
the use of VPN filter. This uses multiple third stage operations as soon as the initial infection
takes place. Apart from this there is another function performed by VPN filter that includes
sniffing the data stored within the connected network. The data extracted from a network are
then encrypted and exfiltrated with the use of Tor network. This are mainly designed for
infecting routers when attacked with network storage devices. This video has explained the
way data gets stolen from routers and includes a kill witch commands that are used for
rebooting the router. There are certain router that are being affected by these VPN filter are
ASUS, D-Link, Liksys, TP-link and many more. Basically VPN filter gets attached with
router in a way so that it can add malicious content towards traffic and has the ability affect
routers. With time it is being observed that VPN filter has developed a malware that has the
ability to steal passwords and other information stored within the system. The main working
of VPN filter is to create a sysopt connection that will permit VPN commands for allowing
the traffic to enter within the security. This enters allows VPN tunnel to act as a bypass.
Apart from all VPN- filter is also being applied to postdecrypted traffic after it gets into the
tunnel and preencrypted traffic before it enters. Thus, the video will help to describe the
major effects that are created on router by VPN filter. The major stages that are associated
with the VPN filter are divided into three stages. Stage 1 includes worm that adds code to
devices. Second stage includes detecting the body of malware and stage three includes
specific things for controlling the devices. Once the worm gets installed with the use of VPN
Filter they gets the power to attack the devices that are running embedded within this

2VPN FILTER
firmware. This video also describes about VPNFilter that as described by Cisco Talos.
According to him more than 500000 devices got infected from 54 countries. However in
order to overcome situation it becomes important to detect them at an early stage so that
threats can be mitigated within time. Moreover it is recommended to use strong
administration password so that VPNFilter does not gets the access within the network.

3VPN FILTER
Bibliography
Sinha, Sanjib. "Virtual Private Network or VPN." In Beginning Ethical Hacking with Python,
pp. 185-189. Apress, Berkeley, CA, 2017.
Zhang, Xiaoling, Chongfu Zhang, Chen Chen, Wei Jin, and Kun Qiu. "A cost-effective and
concurrent all-optical VPN in digital filter multiple access PON systems." In 2017 Opto-
Electronics and Communications Conference (OECC) and Photonics Global Conference
(PGC), pp. 1-4. IEEE, 2017.