Have the Russians hacked your router? The FBI says maybe.
All small office and home office routers, QNAP and NAS devices need to be rebooted to ward off trouble according to a public service announcement from the FBI last month. The PSA stated that Russian hackers have compromised hundreds of thousands of home and office devices with VPNFilter malware.
As scary as it sounds, the fix is almost as easy as it gets. Simply unplug your device from the wall or power source, wait 10 seconds then plug it back in.
Here’s what you need to know about VPNFilter and the devices that are affected. VPNFilter is a newly found malware which is “able to render small office and home office routers inoperable” according to the FBI. The malware can collect information passing through the router. A recent report from Cisco’s intelligence group states that over half a million routers are infected with VPNFilter. The Russian hackers, who call themselves “The Sofacy Group”, are believed to be responsible for the infections and have been controlling infected devices.
So is your device infected? Only a small number of older routers are known to be affected by this malware. These devices include:
- Linksys E1200, E2500, WRVS4400N
- Mikrotik Routeros Versions for Cloud Core Routers 1016, 1036 1072
- Netgear Devices DGN2200, R6400, R7000, R8000, WNR1000, WNR2000
- QNAP Devices TS251, TS439 Pro and other NAS devices running QTS software
- TP Link Device R600VPN
Most likely your router is not affected but the Cisco report clearly states that they aren’t certain these are the only infected devices. If your router is on this list, reset it right away. That’s not just a reboot- you will need to factory reset it.
So what now? The FBI, for now, is only suggesting everyone reboot but if you want to be completely certain that the device isn’t infected, you’ll need to factory reset it. Make sure you have the user guide for the router before you start a reset. Typically, you’ll need to hold down the reset button found on the outside of the router, and once that’s been done, you’ll need to go through the process of reconfiguring your router, including setting up your Wi-Fi network and passwords again.
If you have questions about how to reboot or reset your router, give us a call at 314-822-8090. Also, if the FBI recommends anything further in the future, stay tuned to our blog for updates. For more information about averting malware, visit our backup and disaster recovery page.