FBI urging public to reboot routers to stop Russian malware

Tuesday, May 29, 2018
SAN FRANCISCO -- The FBI is urging the public to reboot their home routers, the device that is the gateway to the internet for a wide array of electronic devices, due to a major malware attack.

As many as 500,000 devices in 54 countries might be compromised.


[Ads /]
The vulnerability is serious because the FBI says the malware, called "VPNFilter," can interrupt internet access, steal information from users, and use the device to spread malware.

The magnitude of the potential damage is growing because of IoT, the Internet of Things.

The number of devices in homes connected to the internet worldwide stands at 23 billion.



IoT started with computers, phones and tablets, but quickly has expanded to include voice-over-internet phone services, doorbells, security camera networks, thermostats, connected home devices such as Alexa, and even refrigerators.

VIDEO: How to reboot your router to avoid malware
FBI warns public to reboot their routers to avoid Russian-linked malware


Typically, consumer or small business grade routers do not have anti-virus protection. "They're designed to be remotely accessed, so in a sense, these are houses with front doors where they may be locked but they're not locked as securely as we might like them to be because they have to things -- bytes -- in and out," said technology analyst Larry Magid.
[Ads /]
Magid tells ABC7 News that rebooting a home router is simple. For most devices, it entails unplugging the device for at least 10 seconds, then plugging it back in, then waiting for 30 seconds to a minute before restarting the device.

However, the FBI is also recommending that users upgrade their firmware and change the password.

Magid says that step will confound a high percentage of people because the router was installed by their internet service provider technician. "A lot of people have no idea what their password is, have no idea how to access the control panel to change their password or update the firm," said Magid.



The FBI has seized, with court approval, a website that appears to be the source of the malware distribution and control. It is suspected to have ties to Russia and, for several years, has been suspected of malicious targeting of sensitive technology used by government, the military, utility companies and others.

Here is a list of known affected routers, compiled and posted by Symantec:
[Ads /]
  • Linksys (models E1200, E2500 & WRVS4400N)

  • Mikrotik RouterOS Versions for Cloud Core Routers (versions 1016, 1036 & 1072)

  • Netgear (models DGN2200, R6400, R7000, R8000, WNR1000 & WNR2000)

  • QNAP (models TS251 & TS439 Pro)

  • Other QNAP NAS devices running QTS software

  • TP-Link R600VPN


VIDEO: Why the FBI wants you to reboot your home internet router
FBI urging public to reboot routers to stop Russian malware


----------
* More local news
* Send us a news tip
* Download the abc7NY app for breaking news alerts
Copyright © 2024 KGO-TV. All Rights Reserved.