FBI Urges Everyone To Reboot Their Routers

The FBI is urging everyone to reboot their routers after an announcement that Russian hackers have developed a sophisticated malware system that has already infected hundreds of thousands of routers. Luckily, the recommended way to combat the infection is simple: anyone who has a home or small office router should turn it off and then turn it back on again.

Cisco’s security team announced that more than 500,000 devices in at least 54 countries have been infected by the malware, known as VPNFilter. Linksys, MikroTik, NETGEAR, TP-Link, and QNAP (maker of network-attached storage, or NAS, devices) are just a few of the manufacturers whose devices are known to have been infected.

Here is a list of devices that are known to be vulnerable to VPNFilter:

  • Linksys E1200, E2500, and WRVS4400N
  • MikroTik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200, R6400, R7000, R8000, WNR1000, and WNR2000
  • QNAP TS251 and TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

According to the FBI, “Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide. The malware is able to perform multiple functions, including possible information collection, device exploitation, and blocking network traffic.”

The FBI seized a website that was allegedly going to be used to direct the hacked routers. This cut off malicious communications but left the routers infected, which is why the FBI is encouraging a reboot of all routers. According to the FBI, the hackers were part of a group called Sofacy, which is also known as A.P.T. 28 and Fancy Bear. This group is believed to be directed by Russia’s military intelligence agency and is the same group that hacked the Democratic National Committee shortly before the 2016 presidential election.

In addition to rebooting routers, the FBI is also recommending that users disable remote management settings, upgrade the firmware of their devices, and update their passwords.

Although the FBI’s advice is good enough, if you want to be extra cautious, you can follow Cisco’s suggestion to perform a factory reset to fully remove the malware from your router. We do not recommend doing this without proper technical knowledge, so contact us if you need assistance.
