FBI urging public to reboot routers to stop Russian malware

POOLCISCO

POOLCISCO

The malware system, dubbed "VPNFilter", has been traced back to Russia's Sofacy Group, also known as Fancy Bear or APT28, which is believed to be controlled by Russian military intelligence.

Last week, we told you how the USA government was seeking to wrestle control of hundreds of thousands of routers and storage devices infected by the malware, reportedly created in Russian Federation.

The FBI Internet Crime Complaint Center (IC3) sent out a public service announcement saying, "foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide".

The malware can collect information, block network traffic and exploit devices in other ways.

Last week the Federal Bureau of Investigation seized a website that the hackers planned to use to give instructions to the routers. Each time it happens, a device lights up, showing where in the world the attack originated.

He says the best thing you can do to disrupt VPNFilter is to unplug your router and let it reboot. The agency also recommends disabling your routers' remote-management settings and updating the password you use to access your router's settings.

Mega Man 11 Gearing up for an October Release
Light and Mega Man are back to foil the evil doctor's plans and destroy the villainous robots he has unleashed. Mega Man is getting another Amiibo figurine, this time based around a 30th anniversary model.

Sofacy, also known as APT28 and Fancy Bear, has been blamed for numerous most dramatic Russian hacks, including that of the Democratic National Committee during the 2016 USA presidential campaign.

After resetting the device, you'll need to log in to its administrative page using a Web browser.

You'll also want to make sure your device has the latest firmware updates.

High-availability and always-on connectivity without maintenance windows or downtime has been a prized attribute of IT departments for many years, and the idea that simply power-cycling a device can fix problems has often been seen as a solution of last resort.

Use strong passwords and change passwords where infections are suspected. At issue is a technology called "Wi-Fi Protected Setup" (WPS) that ships with many routers marketed to consumers and small businesses.

Router manufacturers Linksys, MikroTik, Netgear, QNAP and TP-Link have posted instructions for users to follow to update their routers' software.

Latest News