Reboot your router: protect your home network & help catch criminals behind VPNFilter malware

Have you rebooted your home and/or small office router yet?

Once again, sleazy foreign agents are making inroads into stealing your private information. Here’s the official FBI Public Service Announcement from May 25, 2018.

The threat this time is called VPNFilter. Rebooting your router won’t cure the problem, but it will restart the process by which the criminals get into your system.

A simple reboot is quick, easy, and harmless. It’s the same thing every tech support person you’ve ever called has had you do first to try to solve connectivity issues.

I like the Popular Mechanics explanation of what to do after your reboot. You’ll need to perform a factory reset to fully remove the VPNFilter malware.

The CNET coverage included a list* of the routers known to be affected, which is nice information to have.

A factory reset may take you a little time, but it should remove the malware.

Reporting on this subject suggests that the FBI wants everyone to do a simple reboot first even though it is a temporary fix, not the solution.

Why? Because it will lead a lot of internet traffic directly back to the perpetrators when their rebooted malware runs home to mommy asking what it should do next.

I like the idea of shining a light on Russian hackers who want to steal my stuff.

We’re still going to do a factory reset as soon as one of us has got the time and while no household member is in the middle of a mission-critical online activity.

I also told my retired parents to push that button on the back of their router. They are unlikely to notice this kind of news coverage, and they wouldn’t be clear on how to address the problem without my phone call. Consider passing on this advice to reboot home routers to less technically proficient friends and neighbors.

Reboot your router right now. Get around to the factory reset as soon as you can.

*Per CNET:

… manufacturers are as follows: Linksys, Mikrotik, Netgear, QNAP and TP-Link. However, Cisco’s report states that only a small number of models… are known to have been affected by the malware, and they’re mostly older ones:

Linksys: E1200, E2500, WRVS4400N

Mikrotik: 1016, 1036, 1072

Netgear: DGN2200, R6400, R7000, R8000, WNR1000, WNR2000

QNAP: TS251, S439 Pro, other QNAP NAS devices running QTS software

TP-Link: R600VPN

3 thoughts on “Reboot your router: protect your home network & help catch criminals behind VPNFilter malware”

  1. What would be nice to know is if the open-source router firmware (https://dd-wrt.com/ , with which I am not affiliated in any way) is also as vulnerable to this (and other such) issues as the stock company firmware is (which, like many embedded devices, is known to be full of security gaps).
