The FBI has a message for you: Reboot your router

The same Russian group who hacked the Democratic National Committee has also hacked into hundreds of thousands of routers worldwide, thanks to a new malware bug known as VPNFilter, ITaP security staff warns.

But the fix is simple, according to the FBI. All you need to do is reboot your router.

If unchecked, VPNFilter can collect information that passes through your router (think browser history or sensitive information such as passwords), exploit devices connected to the router and block network traffic.

The FBI has asked that everyone, regardless of brand or type, reboot their router and update their firmware, but according to Cisco, the most holistic solution is to conduct a factory reset. And, according to Symantec, the routers most likely affected include:

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

Finally, the FBI also recommends resetting your router’s password and disabling any remote-management settings.

For more information on cybersecurity at Purdue visit the SecurePurdue website.

UPDATE: On June 6, the Cisco cyber security group, Talos, updated the list of affected routers. The list now includes the following and likely more to come: 

ASUS DEVICES:

  • RT-AC66U 
  • RT-N10 
  • RT-N10E 
  • RT-N10U 
  • RT-N56U 
  • RT-N66U 

D-LINK DEVICES:

  • DES-1210-08P 
  • DIR-300 
  • DIR-300A 
  • DSR-250N 
  • DSR-500N 
  • DSR-1000 
  • DSR-1000N 

HUAWEI DEVICES:

  • HG8245 

LINKSYS DEVICES:

  • E1200
  • E2500
  • E3000 
  • E3200 
  • E4200 
  • RV082 
  • WRVS4400N

MIKROTIK DEVICES:

  • CCR1009 
  • CCR1016
  • CCR1036
  • CCR1072
  • CRS109 
  • CRS112 
  • CRS125 
  • RB411 
  • RB450 
  • RB750 
  • RB911 
  • RB921 
  • RB941 
  • RB951 
  • RB952 
  • RB960 
  • RB962 
  • RB1100 
  • RB1200 
  • RB2011 
  • RB3011 
  • RB Groove 
  • RB Omnitik 
  • STX5 

NETGEAR DEVICES:

  • DG834 
  • DGN1000 
  • DGN2200
  • DGN3500 
  • FVS318N 
  • MBRN3000
  • R6400
  • R7000
  • R8000
  • WNR1000
  • WNR2000
  • WNR2200 
  • WNR4000 
  • WNDR3700 
  • WNDR4000 
  • WNDR4300 
  • WNDR4300-TN 
  • UTM50 

QNAP DEVICES:

  • TS251
  • TS439 Pro
  • Other QNAP NAS devices running QTS software

TP-LINK DEVICES:

  • R600VPN
  • TL-WR741ND 
  • TL-WR841N 

UBIQUITI DEVICES:

  • NSM2 
  • PBE M5 

UPVEL DEVICES:

  • Unknown Models 

ZTE DEVICES:

  • ZXHN H108N 

Writer: Kirsten Gibson, technology writer, Information Technology at Purdue (ITaP), 765-494-8190, gibson33@purdue.edu.

Last updated: June 7, 2018