On Friday, the FBI issued an alert that hundreds of thousands of broadband routers have been infected with malware named VPNFilter.
Many ARG clients have installed broadband services as a backup or as primary service to their smaller locations. Immediate action is advised.
So far, the malware has been detected on the following routers:
Linksys Devices:
E1200
E2500
WRVS4400N
MikroTik Devices:
1016
1036
1072
NETGEAR Devices:
DGN2200
R6400
R7000
R8000
WNR1000
WNR2000
The first immediate step the FBI recommends is to restart the router. Use the power button on the back if your router has one, or unplug the router, wait 15 seconds, and plug it back in. Restarting the router only temporarily interrupts the malware.
Further steps include the following:
- Reset the router to its factory settings
- Establish a strong password
- Update the firmware
- If the router is Wi-Fi enabled, ensure you are using WPA2
- Turn off remote router administration if feasible with your management framework
Following these steps will reset your passwords, and devices that access the service via Wi-Fi will need to be reconnected.
If you would like further information about this threat, Forbes just published a good summary. Please think of ARG as your independent security consultant. Contact your account team, call 703-734-3500, or email info@myarg.com for further details.