Skip to main content
Publish date:

The FBI wants you to switch your router off and on again

It's to fight back against Russian malware infecting household networks.
Author:

What's happening?

There is growing concern about a Russian cyberattack that is targeting the consumer and small business internet routers.

The malware attack called "VPNFilter" has been happening since 2016, but hackers have stepped up the attack in recent weeks to the point it's prompted the FBI to issue guidance to all router owners.

What do they want you to do?

Switch your router off and on again, basically.

The hack happens in three stages, the first stage being the malware establishing itself as a presence in your router.

The second collect files stored on your router (your personal data) and even has the capability of destroying the router completely, while the third stage can spy on the traffic routed through your device (including your website passwords). 

If you switch your router off and on again, it should stop Stage 1 from becoming Stages 2 and 3 at least for the time being and give the FBI more time to figure out which routers are already infected.

Today's Top Stories

– Twin Cities expected to surge to record May heat on Memorial Day.

– Spam recalls 228,000 pounds of cans after metal shards cause injuries.

– NEW: Follow Bring Me The News on Flipboard.

And if you find your router is already infected with Stage 1, Symantec advises you carry out a "hard reset" of your device by holding down the small reset switch that should be on your router for 5-10 seconds.

This wipes any configurations or passwords you have stored on the router, so you'll need to re-enter these upon reboot.

Which routers are affected?

The FBI says all internet users should reboot their routers by switching off and on, but the Cisco blog post says more than 500,000 routers have already been infected across 54 countries.

Even though rebooting your router temporarily stops Stages 2 and 3, it doesn't wipe Stage 1 from your device, which is why a hard factory reset is needed as well as installing the latest patches from the maker of your router.

While it's hard to figure out if your router has been infected with Stage 1, the owners of the following devices should carry out a hard factory reset as soon as possible:

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

Next Up

Target store

Target's gift card discount is back, but for this weekend only

The fine print: for Target Circle members only (but membership is free).

Screen Shot 2020-06-15 at 7.11.05 AM

Minneapolis teen arrested in St. Cloud after fleeing police in stolen vehicle

The vehicle was stolen in a car-jacking in Minneapolis Thursday.

snow, blowing snow

Winter storm warnings issued with heavy snow set to slam MN

Parts of northern Minnesota could see more than a foot of snow, but there won't be much in the Twin Cities.

D'Angelo Russell

With KAT out, Timberwolves can't upset Nets

D'Angelo Russell stepped up but couldn't overcome Brooklyn's firepower.

Everson Griffen Vikings dot com

Everson Griffen confirms he has bipolar disorder

"I’ve been running from it a long time. I’m not ashamed of it anymore.”

Angela Renee Jones, St. Cloud murder suspect

St. Cloud suspect now charged in two local murder cases

Both murders happened within a day of each other in June.

st anthony 3 crop

Twin Cities police ask for help finding missing 16-year-old

Police say all her family and friends have been contacted, and none of them know where she is.

mpd suspect 12.3.21 - 1 - CROP

MPD releases photos of shooting suspect, asks for public's help

The man is wanted in connection with a fatal shooting that happened Wednesday evening.

redmons popcorn colbert 2

Support grows for Redmon's Popcorn after shop's sudden closure

The county also commented on the situation, saying it hopes to help owner Zack Redmon.

prior lake high school

Prior Lake HS investigating another 'racist' video involving student

The principal said the social media video was reported to them this week.

Related

The Tip Jar: How to save some money on your internet service

I did it to save money. And now I want to help you save money as well.

These Minnesota words feature in 100,000 'most hacked' passwords list

It follows a wide-ranging study by the U.K. intelligence agency, G.C.H.Q.

Toys that connect to the internet could be spying on kids, FBI warns

Authorities worry about exploitation and identity fraud.

Hennepin County hit by cyberattack, emails compromised

Hackers gained access through phishing emails.

Employers could soon start helping you pay off your student debts

A new program allows companies to help employees with student loans.

The Tip Jar: How much money can you save giving up your car commute?

We had a race – car vs. bike vs. bus – to see whether it's worth your time giving up your car.

Google is going to stop scanning your emails to target you with ads

Didn't know Google has been doing this? It's been going on a long time.

Leaving your phone in an Uber will now cost you

Drivers weren't happy with the previous policy.