IMPORTANT – Malware Attack on Routers and Storage Devices – Take Action
Over 500,000 home and small business routers infected
The FBI has announced that a Russian hacking group has infected over half a million home and small business routers with a malware virus named VPNFilter. This is serious enough to be deemed a national security threat by the US government.
If you are connecting to the internet via a router – and almost everyone is – you need to take the following steps to prevent theft of information (including passwords,) misuse of your computers for everything from DDOS attacks to cryptocurrency mining, and potential permanent disablement of attached devices (“bricking.”)
First, reboot all routers and modems.
Second, update the firmware on your router(s.) This is relatively simple to do, but not something everyone has experience with. You can find instructions for how to do so by entering your router’s make and model, along with “firmware update” into an internet browser. You will typically go to a web address, enter the admin username and password for your router, and be able to access the control panel.
Third, make sure that you have changed your admin password and no longer use the “default” password that came with your hardware.
Side note – one of the most common reasons for businesses to fail their PCI/DSS security scans is failure to change the default admin password on their routers. You should assume that bad guys know the default passwords for every single electronic device that ever came out of a factory, anywhere. Not changing the password is laying out a big welcome mat for hackers.
Having changed the password, reboot the system again. This should cover you and neutralize the VPNFilter malware.
You can read more about this very real security threat here:
https://blog.talosintelligence.com/2018/05/VPNFilter.html
With the official FBI release here:
https://www.ic3.gov/media/2018/180525.aspx
Do Not Delay in taking action; your security and your devices are at risk.
Links to router manufacturer sites for update instructions:
Linksys: https://www.linksys.com/us/support-article?articleNum=140672
NetGear: https://kb.netgear.com/000058814/Security-Advisory-for-VPNFilter-Malware-on-Some-Routers
ASUS: https://www.asus.com/Commercial-Networking/
D-Link: https://www.mydlink.com/download#