The FBI recently issued a security notice warning that all home and small office routers should be rebooted after the Cisco Talos group discovered sophisticated Russian-linked VPNFilter malware infecting at least 500,000 networking devices. “VPNFilter is able to render small office and home office routers inoperable,” the FBI warns. “The malware can potentially also collect information passing through the router.”
Routers are especially ripe targets for hackers because they usually connect directly to the Internet and are not often protected by your PC’s antivirus or other security solutions. Most people do not install router firmware updates, either, which can leave vulnerabilities exposed. VPNFilter also encrypts its network traffic, which can make its detection even more difficult.
The security notice from the FBI suggests that all router owners reboot their devices. Additionally, the Cisco Talos group says that “Due to the potential for destructive action by the threat actor, we recommend out of an abundance of caution that these actions be taken for all SOHO or NAS devices, whether or not they are known to be affected by this threat.”
So you should reboot your router no matter what. That said, Symantec released the following list of routers and NAS devices known to be susceptible to VPNFilter:
- Linksys E1200
- Linksys E2500
- Linksys WRVS4400N
- Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
- Netgear DGN2200
- Netgear R6400
- Netgear R7000
- Netgear R8000
- Netgear WNR1000
- Netgear WNR2000
- NAP TS251
- QNAP TS439 Pro
- Other QNAP NAS devices running QTS software
- TP-Link R600VPN
But once again: The FBI and the security squad at Cisco suggest that we all reboot our routers, although it may not appear on this list, even taking it a step further as the only way to fully remove the malware is by performing a factory reset and updating it to the latest firmware revision available, which will protect against known vulnerabilities. The exact procedure for resetting a router can vary, for help please contact the techs at Frankenstein Computers and Networking.
Adapted from an article on pcworld.com
Frankenstein Computers has been taking care of our happy clients since 1999. We specialize in IT Support, IT Service, MAC repair, PC Repair, Virus Removal, web design and much more. Give us a call for remote support or drop in to drop off.