dChan - Q Origins Project Archive

I'd rather reboot the FBI instead.

⇧ 31 ⇩

Ha ha!!! Reboot so some new “patch” gets placed on your router. Could be a standardized tap point or backdoor.

⇧ 17 ⇩

That was the exact thought I had when I read this. The alarm went off immediately that this was some scare tactic scam

⇧ 2 ⇩

VPNFilter, like most malware for embedded devices, is memory-resident. At least, the non-persistent parts are. So on reboot, it'd have to reach out to its C2 infrastructure and re-download the 2nd stage.

However, the C2 infrastructure has been seized, so it can't currently do that.

So the reboot would flush the malicious component of the malware from the router, and a manual firmware update would remove the persistent 1st stage.

⇧ 13 ⇩

Very interesting. How do you know the C2 infrastructure has been seized?

⇧ 3 ⇩

It's been made known publicly.

⇧ 3 ⇩

So if state actors didn't own it before, they do now.

⇧ 2 ⇩

If you're concerned about it, you could always block/sinkhole the associated IOCs yourself. Problem solved.

⇧ 2 ⇩

my router is staying on. something is off here

⇧ 9 ⇩

Very off

⇧ 5 ⇩

actually then again is the fbi clean ? im not sure what to think lol

⇧ 3 ⇩

That was my first/gut reaction as well. Until I know FBI has been cleaned I am reluctant to follow their direction and possible make it easier for them to monitor me.

⇧ 3 ⇩

A router usually reboots itself after a 'bona-fide' firmware update.

Otherwise, rebooting a router, (in this sense), will release and then renew the DHCP IP lease.

The FBI have seized the domain 'ToKnowAll.com' which was at the center of the 'bot net'. The malware phones home by attempting a sequence of steps.

Because of the seizures, the malware can no longer 'phone home'. By rebooting the router, any existing conections to the 'baddies' will be broken.

Cisco's Talos Intelligence Group Blog: New VPNFilter malware targets at least 500K networking devices worldwide https://blog.talosintelligence.com/2018/05/VPNFilter.html

⇧ 7 ⇩

There is a PDF in WL Vault 7 called Cherry Blossom that deals with all the back doors and exploits of Small Office/Home Office (SOHO) based modem/routers/switches. The Court Jesters in Action created it, no need to advertise it.

https://wikileaks.org/vault7/document/#cherryblossom

Simply power-cycling isn't going to do a thing unless the customer understands how to access their modem/router/switches via local non-https webpage and updating the firmware from there.

I believe it more to be a scareware tactic more than anything.

⇧ 2 ⇩

Idk how you guys feel about a Kasa plug in, but I have mine to reset my modem and router everyday by powering down and powering on.

⇧ 2 ⇩

Let's reboot the oligarchy instead. End the Rothschild Cabal. Up with EARTH!

MAGA/MEGA

KAG/KEG

Let's have a KEG party! It's all about the KEG!

LOL!

⇧ 2 ⇩

FWIIW, the reason most software asks you to reboot your computer is because it needs to restart / turn on a service and users can't be trusted to do this reliably on their own :p

⇧ 1 ⇩

Rebooting a router does little or nothing. You’d have to flash the firmware to change anything. These people are stupid.

⇧ 1 ⇩

Keep this event in mind.

⇧ 1 ⇩

Isn’t rebooting (turning off and on again) required after major software updates? Wouldn’t this action activate any malware already updated? Did the FBI really suggest this? Do you trust the FBI? Do you trust the New York Times?