Friday, the FBI issued an alert that hundreds of thousands of broadband routers have been infected with a malware named VPNFilter.
Many ARG clients have installed broadband services as a backup or as primary service to their smaller locations. Immediate action is advised.
So far, the malware has been detected on the following routers:
Linksys Devices:
E1200
E2500
WRVS4400N
Mikrotiik Devices:
1016
1036
1072
NETGEAR Devices:
DGN2200
R6400
R7000
R8000
WNR1000
WNR2000
The first immediate step the FBI recommends is to restart the router. You may have a power button on the back, or the router can be unplugged, wait for 15 seconds, then re-plug the router. Restarting the router provides a temporary interruption of the malware.
Further steps include the following:
- Reset the router to its factory settings
- Establish a strong password
- Update the firmware
- If the router is WIFI enabled, ensure you are using WPA2
- Turn off remote router administration if feasible with your management framework
Following these steps will reset your passwords and require reestablishment of devices accessing the service via WIFI.
If you would like further information about this threat, Forbes just published a good summary. Please think of ARG as your independent security consultant. Contact your account team, call 703-734-3500, or email info@myarg.com for further details.
