VPNFilter - is our system vulnerable?

  • Two weeks ago, officials in the private and public sectors warned that hackers working for the Russian government infected more than 500,000 consumer-grade routers in 54 countries with malware that could be used for a range of nefarious purposes. Now, researchers from Cisco’s Talos security team say additional analysis shows that the malware is more powerful than originally thought and runs on a much broader base of models, many from previously unaffected manufacturers. The Ubiquity devices are now part of the list.


    • Is the Ubiquity Amplify HD vulnerable? If you say "no" how can you assure your customers?
    • Has the latest Ubiquity Amplify HD release v2.0.7 some extra protection against this malware? If not, when to expect it?
    • Is there a way to see if our Ubiquity Amplify HD systems are infected with the malware?
    • Any other advice?


  • I feel like with so many people affected the company would have been proactive in contacting customers to reassure them that they are either safe, or an update is coming quickly. I eagerly await the answer to these questions. In the meantime a factory reset of your router settings should fix the man in the middle scenario that is part of this attack beyond just VPNFilter.

  • https://arstechnica.com/information-technology/2018/06/vpnfilter-malware-infecting-50000-devices-is-worse-than-we-thought/

    The amplifi models are not on the list. Just two obscure outdoor beaming stations from ubiquity and non of their other wifi hardware. Doesn't mean the amplifi systems are not vulnerable though. I have read that the devices that were hacked had known vulnerabilities or were using default passwords. I don't think you can use a default password on the amplifi but you could certainly be using a weak password.

Log in to reply