FBI Urging Everyone To Reboot Routers To Stop Russian Malware Attack

The FBI says a malware called VPNFilter can interrupt internet access, steal information from users and use the device to spread malware. As many as 500,000 devices in 54 countries may have been compromised.

Routers that are known to be affected by VPNFilter:

Netgear®
• Netgear DG834
• Netgear DGN1000
• Netgear DGN2200
• Netgear DGN3500
• Netgear FVS318N
• Netgear MBRN3000
• Netgear R6400
• Netgear R7000
• Netgear R8000
• Netgear WNR1000
• Netgear WNR2000
• Netgear WNR2200
• Netgear WNR4000
• Netgear WNDR3700
• Netgear WNDR4000
• Netgear WNDR4300
• Netgear WNDR4300-TN
• Netgear UTM50

Others
• Huawei HG8245

• TP-Link R600VPN
• TP-Link TL-WR741ND
• TP-Link TL-WR841N
• Ubiquiti NSM2
• Ubiquiti PBE M5
• Some Upvel Devices
• ZTE Devices ZXHN H108N


Linksys™
• Linksys E1200
• Linksys E2500
• Linksys E3000
• Linksys E3200
• Linksys E4200
• Linksys RV082
• Linksys WRVS4400N

DLINK®
• D-Link DES-1210-08P
• D-Link DIR-300
• D-Link DIR-300A
• D-Link DSR-250N
• D-Link DSR-500N
• D-Link DSR-1000
• D-Link DSR-1000N

QNAP®
• QNAP TS251
• QNAP TS439 Pro
• QNAP NAS devices running QTS software

Asus™
• Asus RT-AC66U
• Asus RT-N10
• Asus RT-N10E
• Asus RT-N10U
• Asus RT-N56U
• Asus RT-N66U

MikroTik®
• MikroTik CCR1009
• MikroTik CCR1016
• MikroTik CCR1036
• MikroTik CCR1072
• MikroTik CRS109
• MikroTik CRS112
• MikroTik CRS125
• MikroTik RB411
• MikroTik RB450
• MikroTik RB750
• MikroTik RB911
• MikroTik RB921
• MikroTik RB941
• MikroTik RB951
• MikroTik RB952
• MikroTik RB960
• MikroTik RB962
• MikroTik RB1100
• MikroTik RB1200
• MikroTik RB2011
• MikroTik RB3011
• MikroTik RB Groove
• MikroTik RB Omnitik
• MikroTik STX5

If you have any of the routers listed above, the FBI advises you to reboot your device immediately. Rebooting your router is easy, just unplug it, count to ten, then plug it back in.

According to the FBI, doing this will help disrupt the malware and help to identify infected devices. In addition to rebooting the router, users are also advised to disable remote management settings, update the router's firmware and change the router password.

If you do not know what firmware is or do not know how to update the firmware, please ask someone for assistance or just replace your router ASAP with a model not on this list.

If your router was not on the list of affected devices, now may be a good time to reboot your device and update your settings.

Sign-up for our Weekly Cybersecurity Tips Emails

Stay up to date with the latest cyber security threats. Get information on things you can do to protect yourself online with our Weekly Cyber Security Tips emails.