The FBI, DHS and DoJ advised rebooting your router to clear it from advanced stages of the Russian-linked malware VPNFilter. The malware infecting SOHO routers and NAS devices is linked to the Russian military-backed hackers Sofacy Group, aka Fancy Bear and APT 28.
If you have a home or small office router, the FBI suggests you immediately reboot it to counter Russian-linked malware VPNFilter.
It doesn’t take long to simply turn your router off and then back on, and the payoff is worth it, considering it’s within your power to counter Fancy Bear-linked malware that is capable of everything from stealing information to rendering the router inoperable.
The malware, which has so far infected at least 500,000 small office and home office routers in 54 countries, has been dubbed VPNFilter. It’s linked to the Sofacy Group, aka Fancy Bear and APT 28, a sophisticated cyber-espionage hacking group backed by the Russian military intelligence agency.
VPNFilter, according to a trio of three-letter agencies — the FBI, DHS, DoJ — has infected not only hundreds of thousands of SOHO routers, but also other network-attached storage (NAS) devices.
On Wednesday, May 23, Cisco Talos warned that the estimated number of infected devices was “at least 500,000 in at least 54 countries. The known devices affected by VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link networking equipment in the small and home office (SOHO) space, as well at QNAP network-attached storage (NAS) devices.”
Talos security researchers added, “The malware has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide.”