May 28, 2018
The FBI is urging owners of office and home office routers to reboot after a "significant" malware attack.
According to the FBI, the attack compromised "hundreds of thousands of home and office routers."
A group of foreign actors used VPNFilter malware, which can stop routers from operating altogether and can possibly collect information passing through them.
The group that conducted the attack is known as the Sofacy Group, believed to be controlled by Russian intelligence and responsible for the hack of the Democratic National Committee before the 2016 presidential election, the New York Times reports.
VPNFilter malware has a unique quality in that it can remain on an infected device even after a reboot. Talos, the threat intelligence agency for Cisco, estimated that 500,000 devices in 54 countries have been infected.
Talos said that the following device manufacturers are known to be affected by the malware: Linksys, MikroTik, NETGEAR and TP-Link. QNAP storage devices are also known to be affected.
The FBI asked that the owners of small office and home office routers reboot to "temporarily disrupt the malware and aid the potential identification of infected devices."
Owners are also encouraged to disable remote management systems and use strong passwords and encryption. Network devices should also be updated to the latest versions of firmware.
