It is being reported by multiple news sources that a Russian-backed malware infection is in the wild and reeking havoc on wifi-routers across the globe. Alyssa Newcomb, reporting for NBC News says "more than half a million devices have already been compromised- with more likely to be targeted over the next few weeks." On Tuesday, the FBI issued an urgent warning to anyone using a home "or small office Internet router" to unplug it and wait 30 seconds and then plug it in again. This is supposed to at least temporarily halt the spread of the malware.
Deemed VPNFilter, this malware can infect your device and then use it as a "jump-off" point to launch more attacks. The goal of this particular infection is to steal your personal information, damage your router and potentially slow down your Internet access tremendously. It is now estimated that over 54 countries have been impacted and according to Talos, a branch of Cisco security, devices "manufactured by Linksys, MikroTik, NetGear and TP-Link were among those to have been affected."
If you haven't changed the default password for these routers, it is recommended that you do so immediately. Also being recommended is to update the firmware on the router or even replace your router if it is a few years old. Evidently, this Russian-linked malware has been around since early 2016. What's most troubling is the fact that you can't readily know if your device has been infected.
For more information please see FBI Public Service Announcement from May 25, 2018. In it, they will discuss the technical details of the threat and how they believe you can best defend your system. The Department of Justice has also released information on the Russian-linked infection where it believes the threat is like a Botnet and they announced "an effort to disrupt a global botnet...."
https://www.nbcnews.com/tech/security/fbi-warns-about-russia-linked-malware-threat-home-routers-questions-n878276
Comments