Reboot Your Router to Kill the VPNFilter Malware Unleashed by Russia

Share this post!

The FBI is advising users of consumer-grade routers and network-attached storage devices to reboot them as soon as possible to counter Russian-engineered malware that has infected hundreds of thousands devices.

Earlier this week, Cisco’s security team disclosed a Russian-developed malware called VPNFilter which compromised at least 500,000 routers built by Linksys, MikroTik, NETGEAR, and TP-Link as well as network-attached storage devices manufactured by QNAP. In addition to the threat protections rolled out by Cisco, the Federal Bureau of Investigation (FBI) has also released a public advisory calling on users of the affected networking devices to reboot the routers in order to destroy the malware.

According to Cisco, the malware is designed to steal website credentials passing through the routers and render the infected small office and home office devices useless. The FBI also said it’s currently hard to detect the malware’s network activity as it uses encryption and misattributable networks.

The router models affected by VPNFilter include:

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

On top of a system reboot, the FBI also advises owners of the affected routers to switch off the remote management settings on their devices, use strong passwords for security, turn on encryption if available, and upgrade the devices to the latest firmware versions.

Consider investing in a business-grade router

Business-grade routers can help organizations become more secure, stable, and scalable.  And though more expensive than their consumer-grade counterparts, the added benefits are definitely worth the higher price tag.

Sources: Neowin and FBI via Ars Technica

Small Business

Education

Government

Enterprise