The FBI has a message for you: Reboot your router
The same Russian group who hacked the Democratic National Committee has also hacked into hundreds of thousands of routers worldwide, thanks to a new malware bug known as VPNFilter, ITaP security staff warns.
But the fix is simple, according to the FBI. All you need to do is reboot your router.
If unchecked, VPNFilter can collect information that passes through your router (think browser history or sensitive information such as passwords), exploit devices connected to the router and block network traffic.
The FBI has asked that everyone, regardless of brand or type, reboot their router and update their firmware, but according to Cisco, the most holistic solution is to conduct a factory reset. And, according to Symantec, the routers most likely affected include:
- Linksys E1200
- Linksys E2500
- Linksys WRVS4400N
- Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
- Netgear DGN2200
- Netgear R6400
- Netgear R7000
- Netgear R8000
- Netgear WNR1000
- Netgear WNR2000
- QNAP TS251
- QNAP TS439 Pro
- Other QNAP NAS devices running QTS software
- TP-Link R600VPN
Finally, the FBI also recommends resetting your router’s password and disabling any remote-management settings.
For more information on cybersecurity at Purdue visit the SecurePurdue website.
UPDATE: On June 6, the Cisco cyber security group, Talos, updated the list of affected routers. The list now includes the following and likely more to come:
ASUS DEVICES:
- RT-AC66U
- RT-N10
- RT-N10E
- RT-N10U
- RT-N56U
- RT-N66U
D-LINK DEVICES:
- DES-1210-08P
- DIR-300
- DIR-300A
- DSR-250N
- DSR-500N
- DSR-1000
- DSR-1000N
HUAWEI DEVICES:
- HG8245
LINKSYS DEVICES:
- E1200
- E2500
- E3000
- E3200
- E4200
- RV082
- WRVS4400N
MIKROTIK DEVICES:
- CCR1009
- CCR1016
- CCR1036
- CCR1072
- CRS109
- CRS112
- CRS125
- RB411
- RB450
- RB750
- RB911
- RB921
- RB941
- RB951
- RB952
- RB960
- RB962
- RB1100
- RB1200
- RB2011
- RB3011
- RB Groove
- RB Omnitik
- STX5
NETGEAR DEVICES:
- DG834
- DGN1000
- DGN2200
- DGN3500
- FVS318N
- MBRN3000
- R6400
- R7000
- R8000
- WNR1000
- WNR2000
- WNR2200
- WNR4000
- WNDR3700
- WNDR4000
- WNDR4300
- WNDR4300-TN
- UTM50
QNAP DEVICES:
- TS251
- TS439 Pro
- Other QNAP NAS devices running QTS software
TP-LINK DEVICES:
- R600VPN
- TL-WR741ND
- TL-WR841N
UBIQUITI DEVICES:
- NSM2
- PBE M5
UPVEL DEVICES:
- Unknown Models
ZTE DEVICES:
- ZXHN H108N
Writer: Kirsten Gibson, technology writer, Information Technology at Purdue (ITaP), 765-494-8190, gibson33@purdue.edu.
Last updated: June 7, 2018