The FBI wants you to switch your router off and on again

It's to fight back against Russian malware infecting household networks.
Publish date:

What's happening?

There is growing concern about a Russian cyberattack that is targeting the consumer and small business internet routers.

The malware attack called "VPNFilter" has been happening since 2016, but hackers have stepped up the attack in recent weeks to the point it's prompted the FBI to issue guidance to all router owners.

What do they want you to do?

Switch your router off and on again, basically.

The hack happens in three stages, the first stage being the malware establishing itself as a presence in your router.

The second collect files stored on your router (your personal data) and even has the capability of destroying the router completely, while the third stage can spy on the traffic routed through your device (including your website passwords). 

If you switch your router off and on again, it should stop Stage 1 from becoming Stages 2 and 3 at least for the time being and give the FBI more time to figure out which routers are already infected.

Today's Top Stories

– Twin Cities expected to surge to record May heat on Memorial Day.

– Spam recalls 228,000 pounds of cans after metal shards cause injuries.

– NEW: Follow Bring Me The News on Flipboard.

And if you find your router is already infected with Stage 1, Symantec advises you carry out a "hard reset" of your device by holding down the small reset switch that should be on your router for 5-10 seconds.

This wipes any configurations or passwords you have stored on the router, so you'll need to re-enter these upon reboot.

Which routers are affected?

The FBI says all internet users should reboot their routers by switching off and on, but the Cisco blog post says more than 500,000 routers have already been infected across 54 countries.

Even though rebooting your router temporarily stops Stages 2 and 3, it doesn't wipe Stage 1 from your device, which is why a hard factory reset is needed as well as installing the latest patches from the maker of your router.

While it's hard to figure out if your router has been infected with Stage 1, the owners of the following devices should carry out a hard factory reset as soon as possible:

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

Next Up

police lights

AMBER Alert: Missing 2-year-old found safe

The alert was issued Sunday evening.

Irv Cross

NFL Pro-Bowler, Twin Cities broadcaster Irv Cross dies at 81

Cross was a Pro Bowl cornerback, but his biggest impact was made after his career.


Here's how much snow fell in Minnesota on Sunday

Some localized areas saw more than expected.

Lindsay Guentzel

For The Week: What's harder than making a meal plan? Sticking to it!

Lindsay Guentzel says you shouldn't give up on your meal planning routines.

snow, plow

Winter storm warnings issued as snow system shifts in Minnesota

The worst of the snow will now hit further north, affecting areas including St. Cloud and the I-94 corridor.

Matt Dumba

Matt Dumba beats the clock to give Wild sixth straight win

Dumba scored as overtime came to a close for another Wild victory.

Karl-Anthony Towns

Bradley Beal terrorizes Timberwolves in loss to Wizards

Beal and the Wizards handed the Wolves their seventh straight defeat.

Marcus Carr / Gopher basketball

Gophers tourney hopes take another blow with loss to Nebraska

Marcus Carr scored a career-high 41 points, but Minnesota is still winless on the road.


The Tip Jar: How to save some money on your internet service

I did it to save money. And now I want to help you save money as well.

These Minnesota words feature in 100,000 'most hacked' passwords list

It follows a wide-ranging study by the U.K. intelligence agency, G.C.H.Q.

Toys that connect to the internet could be spying on kids, FBI warns

Authorities worry about exploitation and identity fraud.

Hennepin County hit by cyberattack, emails compromised

Hackers gained access through phishing emails.

Employers could soon start helping you pay off your student debts

A new program allows companies to help employees with student loans.

The Tip Jar: How much money can you save giving up your car commute?

We had a race – car vs. bike vs. bus – to see whether it's worth your time giving up your car.

Google is going to stop scanning your emails to target you with ads

Didn't know Google has been doing this? It's been going on a long time.

Leaving your phone in an Uber will now cost you

Drivers weren't happy with the previous policy.