FBI urging Americans to reboot internet routers now

Posted at 4:55 PM, May 29, 2018
and last updated 2018-05-29 13:26:02-04

(WTXL) - If you've got an internet router at home, the FBI says your information may be at risk.

The FBI Internet Crime Complaint Center (IC3) sent out a public service announcement saying, "foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide."

The 'actors' are using VPNFilter malware to target small office and home office routers. They say VPNFilter is able to make the routers inoperable and can also potentially collect information from the router.

In fact, the FBI says the malware can perform multiple functions, including device exploitation and blocking network traffic. 

Officials say the size and scope of the infrastructure impacted by the VPNFilter malware is significant. According to Cisco Talos, there are at least 500,000 infected devices in at least 54 countries.

Cisco Talos says the known affected devices are Linksys, MikroTik, NETGEAR and TP-Link networking equipment in the small and home office (SOHO) space, though they note their research is still not complete. 

Linksys is encouraging customers with older routers or routers that do not support automatic updates (or have disabled automatic updates) to update the latest firmware from their website on the individual product pages. 

In a statement on it's website, NETGEAR said that the malware may be targeting some of their devices, but say the malware likely targets vulnerabilities they already have firmware fixes for.

TP-Link also acknowledged the malware and said they are investigating. 

To combat the targeting, the FBI is recommending that you reboot any small office and home office router you may own to disrupt any malware that may be present. 

You are also advised to disable remote management settings on devices, secure your routers with strong passwords, and enable encryption. The FBI also recommends upgrading your firmware.

According to a report from Forbes, the VPNFilter malware has been traced back to Sofacy Group, which is believed to be directed by Russia's military intelligence agency.