Last weekend, if some found that their Internet was running rather slowly, there is a reason. Apparently, there was a product of malware released throughout the world that infects routers. The origin of the malicious software is believed to be from a group linked to the Russian military.
The FBI issued a warning: Turn your router off and then back on again.
Called VPN filter, the first stage of the malware attacks gets into the workings of the router, but it needs to connect with another part of the network to download the second stage of the attack. Afterwards, hackers have control of the devices connected to the Internet.
According to a report from The Washington Post, Cisco’s Talos security group estimates that approximately 500,000 devices around the world may have been affected by the malware, including routers made by major manufacturers. While the FBI recently seized a critical part of the network that runs this attack, the agency still recommends that everyone reset their router.
Ashley Stephenson of Corero Network Security says that, “simply unplugging your router may not seem as if it could do much for your security. “Resetting the router sets the malware back to “Stage One.”
Now that the FBI has control over part of the network, routers trying to enter that second stage will send information to the agency instead of hackers, Stephenson explained.
Just hitting the power button without actually updating the router would leave people at risk, software experts have warned. For optimal security, they say people should download the latest firmware for their devices and change their password to further guard themselves against infection.
“Until now, we haven’t seen malware on IoT that could survive the reboot,” said Liviu Arsene, senior analyst at BitDefender. “If this malware survives the reboot, it’s a pretty big deal.”