In April, U.S. and United Kingdom security agencies warned that Russian cybercriminals have been infecting routers and other devices with malware to gain access to information and intellectual property, ZDNET reported.
The FBI said owners of any small-office/home-office (SOHO) routers should reboot their devices, but that won't fully get rid of the malware. The FBI also recommends you upgrade your firmware, change your network password, and disable any remote-management systems to decrease the chances of the malware infiltrating your system. But it may only take a minute to make sure a router is safe by unplugging the device and waiting at least 30 seconds before plugging it back in.
It's not known how the attackers initially infected the routers, but Symantec noted in its report on VPNFilter that many of them have known vulnerabilities. The malware is capable of collecting personal information that passes through the infected routers, block web traffic and disable the devices. Turning the router on and off temporarily disrupts the malware and erases parts of it, though the router can be reinfected. The Department of Homeland Security simply says the size and scope of the malware infection is "significant". Because the Justice Department recently obtained a court order allowing it to take possession of a key domain name used by the malware to remotely take control of routers. Therefore, everyone should follow the below recommendations to harden and secure their routers regardless of the make and manufacturer. That group, which is also known as APT 28 and Fancy Bear and believed to be directed by Russia's military intelligence agency, hacked the Democratic National Committee before the 2016 presidential election, according to USA and European intelligence agencies.More news: This College Football Stat Might Predict The NBA Finals Champion
More news: Tests rule out bats as source of Nipah virus in Kerala
More news: IN teacher released from hospital after being shot while stopping school shooting
Your internet router might be spying on you. "The initial infection vector for this malware is now unknown".
A full list of compromised routers can be found here.