The FBI is urging consumers to reboot their routers to mitigate the risk of being exposed to a major malware attack with ties to foreign cyber actors.
The agency recommends that “any owner of small office and home office routers” reboot their device. As many as 500,000 devices in 54 countries were impacted by the malware, known as “VPNFilter” -- an infection that can interrupt internet access, siphon information from users, and use devices to spread malware.
“VPNFilter is able to render small office and home office routers inoperable,” the FBI said in a statement. “The malware can potentially also collect information passing through the router. Detection and analysis of the malware’s network activity is complicated by its use of encryption and misattributable networks.”
Known affected routers
Here is a list of known affected devices, according to Symantec:
Linksys (models E1200, E2500 & WRVS4400N)
Mikrotik RouterOS Versions for Cloud Core Routers (versions 1016, 1036 & 1072)
Netgear (models DGN2200, R6400, R7000, R8000, WNR1000 & WNR2000)
QNAP (models TS251 & TS439 Pro)
Other QNAP NAS devices running QTS software
Rebooting a router
The FBI has reportedly seized a domain that was controlling the malware, which makes rebooting an effective way to thwart VPNFilter. Rebooting a router will temporarily disrupt the malware and may also help government teams “identify and remediate the infection worldwide,” according to the Department of Justice.
For most devices, rebooting requires unplugging the device for at least 10 seconds, plugging it back in, and then waiting approximately 30 seconds before restarting the device.
As another precaution, the FBI is recommending that users upgrade to the latest firmware and use original, secure passwords.