cancel
Showing results for 
Search instead for 
Did you mean: 

VPNFilter router malware - is Hub One vulnerable?

gramachree
Hooked
Posts: 6
Registered: 20-07-2012

VPNFilter router malware - is Hub One vulnerable?

6 REPLIES
Community Gaffer
Community Gaffer
Posts: 13,423
Thanks: 1,184
Fixes: 92
Registered: 04-04-2007

Re: VPNFilter router malware - is Hub One vulnerable?

No, you're fine.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

spotless
Newbie
Posts: 3
Registered: 09-08-2018

Re: VPNFilter router malware - is Hub One vulnerable?

Hi

What is the basis for the confidence of your reply, "No, you're fine."  ?Huh

Have Plusnet and / or Thomson (if that is the manufacturer of the Hub One router) run extensive testing on all aspects of VPNFilter against the Hub One router?  If so, is there any official documentation or statement regarding this?  If so, does this official documentation or statement provide any technical explanation?

Just because the Hub One is not on the list of routers known to be vulnerable to the FBI:

THIS DOES NOT NECESSARILY MEAN THAT THE HUB ONE ROUTER IS NOT VULNERABLE TO VPNFILTER!!!!

These are the only threads I have found in the Plusnet forums that seem to be relevant to this issue:

https://community.plus.net/t5/My-Router/Hub-One-Firmware-Updates/td-p/1336565

https://community.plus.net/t5/My-Router/Hub-One-Firmware-Updates/td-p/1336565/page/11

https://community.plus.net/t5/My-Router/VPNFilter/m-p/1542276

https://community.plus.net/t5/Fibre-Broadband/VPNFilter-router-malware-is-Hub-One-vulnerable/m-p/154...

https://community.plus.net/t5/Tech-Help-Software-Hardware-etc/Warning-from-the-FBI-via-Avast/m-p/155...

and nowhere have I found any reason to feel confident that a skilled hacker could not exploit Hub One using VPNFilter, beyond the 3 word answer of "No, you're fine."

BTW, I am a techie myself.

 

 

 

Community Gaffer
Community Gaffer
Posts: 13,423
Thanks: 1,184
Fixes: 92
Registered: 04-04-2007

Re: VPNFilter router malware - is Hub One vulnerable?


@spotless wrote:

What is the basis for the confidence of your reply, "No, you're fine."  ?Huh


It is based on communication with the router vendor.

The Plusnet Hub One is not vulnerable to VPNFilter.

The device has safeguards against this type of attack, e.g:

  • They do not use common default passwords.
  • They do not give access to the operating system via any login method.

Neither us, nor the device vendor are aware of any exploits affecting the Plusnet Hub One that would allow access to install the malware.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

spotless
Newbie
Posts: 3
Registered: 09-08-2018

Re: VPNFilter router malware - is Hub One vulnerable?

Thanks Bob, that sounds reasonable.  BTW;

 

1)  I haven't found any way to do so so far, but is it possible to remotely administer the Plusnet Hub One router?

2)  If so, is it possible to turn off remote administration for the Plusnet Hub One router?

Highlighted
Community Gaffer
Community Gaffer
Posts: 13,423
Thanks: 1,184
Fixes: 92
Registered: 04-04-2007

Re: VPNFilter router malware - is Hub One vulnerable?

1.) Can't be enabled within the GUI, and not possible in the traditional sense of having external access to the router's web interface. The device can be remotely administered via TR069 using CWMP.

2.) We can 'cease' the device on our hardware management platform which will munge the URL the device uses for communication. This will stop you receiving any future software updates though and prevent certain support staff access to help diagnose problems. It also contradicts the concern about security, because you will be leaving yourself open to any issue in the future that we push patches for.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

spotless
Newbie
Posts: 3
Registered: 09-08-2018

Re: VPNFilter router malware - is Hub One vulnerable?

Thanks Bob.

 

Smiley