router hack

The FBI has advised owners of internet routers worldwide to reboot their devices in order to disrupt and help better identify a malware-driven botnet called VPNFilter.

“Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware,” the FBI said in their alert.

VPNFilter is thought to have infected approximately 500,000 routers, and has been linked to hacking activity and cyber espionage from the Russian government. Ukraine has been the biggest target of the malware, where the goal is thought to be the active disruption of connectivity there in advance of a major national holiday.

Talos, Cisco’s cybersecurity team announced more of their findings and research in a blog released last week: “The behavior of this malware on networking equipment is particularly concerning, as [it] allows for theft of website credentials and… has a destructive capability that can render an infected device unusable… and has the potential of cutting off internet access for hundreds of thousands of victims worldwide.”

The DOJ confirmed that the FBI was actively working on disrupting the botnet.

Read more here.