A massive router malware attack has been spotted by security experts, infecting many home routers around the world, and there’s a very good chance yours is one of them.
It’s not just routers, either. Along with routers made by Linksys, Netgear, TP-Link and Mikrotik, network-attached storage devices (NAS) made by QNAP have also been targeted.
Researchers from Cisco’s Talos security unit put the pieces together on this one, discovering hundreds of thousands of devices have been hit by malware called VPNFilter.
This software is nasty, able to collect data travelling over the router and even killing the device if so desired. And what malware would be complete without the ability to be used to participate in attacking other devices too?
The good news? The FBI has managed to take control of a domain that was working as part of the malware attack.
According to the FBI public service announcement, every owner of “small office and home office routers” should reboot the devices by simply switching them off and on again.
By rebooting an infected device it should either wipe the malware or it will attempt to contact the domain that the FBI now controls, which will help the FBI to notify anyone who made need assistance fully wiping the malware from their hardware.
As for how to prevent further damage, the usual digital hygiene rules apply:
- Use strong passwords and change passwords where infections are suspected.
- Make sure you run regular security updates, not just on your computers but also on routers and NAS devices.
- Turn off remote access features if you don’t use them.
You should probably reach out and tell your friends, family, grandparents… you know the people you need to tell…
/Beyond is ScienceAlert’s new section covering the wider world of gadgets, games, and digital culture.