As it continues to investigate the VPNFilter malware that’s gripped hundreds of thousands of routers worldwide, the FBI has advised consumers and office managers in the US to reset their network boxes to try and flush out at least part of the malicious code.
“The FBI recommends any owner of small office and home office routers power cycle (reboot) the devices,” the Bureau said in a statement. “VPNFilter is able to render small office and home office routers inoperable. The malware can potentially also collect information passing through the router.”
In other words, the malware can spy on your internet activities or shut down your router entirely. It’s still unclear exactly what the overall purpose of VPNFilter is, or who might be behind it, but the FBI says it’s making progress in shutting its network down.
Are you infected?
There’s still plenty we don’t know about the VPNFilter malware, outside of the obvious fact that it’s a huge problem. Cisco’s security team Talos has said more than 500,000 routers have been hit in over 54 countries worldwide, with a particular focus on the Ukraine.
The devices already identified as under threat include:
- Linksys E1200
- Linksys E2500
- Linksys WRVS4400N
- Netgear DGN2200
- Netgear R6400
- Netgear R7000
- Netgear R8000
- Netgear WNR1000
- Netgear WNR2000
- QNAP TS251
- QNAP TS439 Pro
- TP-Link R600VPN
It’s not immediately clear how many of those devices might be in the US, the UK, Australia or anywhere else, but the FBI statement recommends that anyone with a router at home or in the office performs a reboot cycle. It’s actually good security advice at any time under any circumstances – so probably worth a few minutes out of your day.
The FBI also recommends updating your router with the latest firmware patches issues by the manufacturer, and changing the device passwords from the default ones – again, that’s wise security advance whether or not your router has been infected. If you’re unsure how to do this, check your router’s documentation or look up the details online.