FBI to America: Reboot Your Routers, Right Now
The FBI has issued a dire warning to everyone who has a router in their home. The Internet Crime Complaint Center sent a rare Public Service Announcement declaring: "Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide."
The hackers are using VPNFilter malware to target small office and home office routers, the FBI said. "VPNFilter is able to render small office and home office routers inoperable," the FBI warns. "The malware can potentially also collect information passing through the router. Detection and analysis of the malware's network activity is complicated by its use of encryption."
The feds recommend "any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices." They also advise to consider disabling remote management settings on devices, use encryption, upgrade firmware and choose new and different passwords, which is pretty much best practice anyway.
The IC3, formerly known as the Internet Fraud Complaint Center, was renamed in October 2003 to include this kind of attack. Their stated mission "is to provide the public with a reliable and convenient reporting mechanism to submit information to the Federal Bureau of Investigation concerning suspected Internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners."
Today, that means telling you to reboot your router, so hop to it.
Update 5/30 5:21 ET: While rebooting your router will impede VPNFilter's ability to spy on you, it does not fully remove the malware from your router. If you want to make sure your router is completely clean, you'll have to do a full factory reset.
https://www.popularmechanics.com/technology/security/a20918611/vpnfilter-malware-reboot-router/
moondust (19,974 posts)
Linksys E1200
Linksys E2500
Linksys WRVS4400N
Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
Netgear DGN2200
Netgear R6400
Netgear R7000
Netgear R8000
Netgear WNR1000
Netgear WNR2000
QNAP TS251
QNAP TS439 Pro
Other QNAP NAS devices running QTS software
TP-Link R600VPN
https://www.pcmag.com/news/361431/is-your-router-vulnerable-to-vpnfilter-malware
ecstatic (32,688 posts)
if 1) I was not using the default admin credentials (I changed password immediately after purchase), 2) I had updated firmware, and 3) never had Remote Management enabled?? I checked out the Netgear forums and the details are kind of lacking.
moondust (19,974 posts)
that you're okay judging by those 3 things you've done right. But I'm not an expert on it so that's only a guess.
Tess49 (1,579 posts)
Is it my netgear I need to reset? Geez. Where's my 12 yr/old grandson when I need him?
moondust (19,974 posts)
would be a cable modem. Apparently that's not a problem.
The issue would lie with your Netgear router if it's one of those affected (see list). The Netgear site has firmware if needed and other information on what to do:
https://community.netgear.com/t5/General-WiFi-Routers/Security-Advisory-for-VPNFilter-Malware-on-Some-Routers/td-p/1576170