FBI Alert: Reset Your Router to Kill Russian-Tied Malware 'VPNFilter'
On May 23, Cisco's Talos security researchers published an article revealing that an advanced nation state, believed to be Russia, had injected malware into 500,000 small and home office routers.
The FBI released a public service announcement on May 25 asking owners of home and office routers to reboot their routers to temporarily disrupt the threat.
Since then, an additional 200,000 routers are believed to be at risk of being infected with the malware.
The full capabilities of the malware are unknown, but it is capable of the following:
- Monitor your internet traffic and steal sensitive data, such as website log-ins
- Render the device completely unusable via a “kill” command
- Use your devices to route/launch attacks on other targets
Security firms, like Trend Micro, are also encouraging router owners to do more than reboot their router: perform a factory reset, update the router's firmware, and create a new admin username and password.
Other QNAP NAS devices running QTS software
How to Protect Yourself
Factory reset your router
You'll need your factory default username and password.
- Check for a sticker on the router
- By default, it could be a blank username and the password "admin"
- Check your router's manual
- Check routerpasswords.com
Update your router's firmware
Create a new secure username and password for your router
- Use a password manager, like LastPass, to generate a new secure password.
Make sure remote administration is disabled in the router.
Extra Protection: Force HTTPS websites
Because the malware can manipulate where your web traffic goes, it targets secure HTTPS websites and downgrades them to HTTP. To force your browser to go to the secured HTTPS version of the site:
Install the HTTPS Everywhere browser extension. Note: it is only available for Google Chrome, Firefox and Opera, not for Safari, Edge, or Internet Explorer.
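For readers who want to check a site themselves, the following is an added example (not from the original article or from Talos) that audits a recorded redirect chain for an HTTPS-to-HTTP downgrade and for a missing HSTS policy, the server-side header that tells browsers to stay on HTTPS. The hop format, the function names and the `bank.example` data are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample data: each hop is (requested URL, status, response headers).
CLEAN_CHAIN = [
    ("http://bank.example/login", 301, {"Location": "https://bank.example/login"}),
    ("https://bank.example/login", 200,
     {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"}),
]
DOWNGRADED_CHAIN = [
    ("https://bank.example/login", 302, {"Location": "http://bank.example/login"}),
    ("http://bank.example/login", 200, {}),
]


def get_header(headers, name):
    """Case-insensitive header lookup; returns None when absent."""
    return next((v for k, v in headers.items() if k.lower() == name.lower()), None)


def hsts_max_age(headers):
    """Return max-age from a Strict-Transport-Security header, or None."""
    value = get_header(headers, "Strict-Transport-Security")
    if value is None:
        return None
    for directive in value.split(";"):
        key, _, arg = directive.strip().partition("=")
        arg = arg.strip().strip('"')
        if key.lower() == "max-age" and arg.isdigit():
            return int(arg)
    return None


def audit_chain(hops):
    """Return a list of findings; an empty list means the chain stayed on HTTPS."""
    findings = []
    for i, (url, _status, headers) in enumerate(hops):
        location = get_header(headers, "Location")
        # A secure page that redirects to plain HTTP is the downgrade to look for.
        if (urlsplit(url).scheme.lower() == "https" and location
                and urlsplit(location).scheme.lower() == "http"):
            findings.append(f"hop {i}: downgrade {url} -> {location}")
    final_url, _status, final_headers = hops[-1]
    if urlsplit(final_url).scheme.lower() != "https":
        findings.append("final page served over plain HTTP")
    elif not hsts_max_age(final_headers):  # absent, or max-age=0 (policy disabled)
        findings.append("final HTTPS page sends no HSTS policy")
    return findings


if __name__ == "__main__":
    for label, chain in (("clean", CLEAN_CHAIN), ("downgraded", DOWNGRADED_CHAIN)):
        print(label, audit_chain(chain) or "OK")
```

The hops can be filled in by hand from the response headers that `curl -sIL <url>` prints for each redirect.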