FBI says to reboot your home or small office router – NOW
Routers made by Linksys, Mikrotik, Netgear, QNAP, and TP-Link, in particular, are at risk of infection by a piece of malware called VPNFilter. This malware has the capabilities to collect data, plus be used to carry out large-scale cyber attack operations. Officials at the FBI are recommending that all brands of small office and home office routers be rebooted (essentially, turn the device off and back on again after about 30 seconds) to clear out the malware and mitigate damage.
We have checked with SonicWall directly, which is the brand that we have installed as a matter of preference for years, and they indicate that their devices are NOT at risk for this malware.
Other recommended steps are to update your devices firmware, be sure to use a secure password on your device, and consider disabling remote management tools.
There are three stages to VPNFilter — a persistent stage 1 and non-persistent stages 2 and 3. Because of how the malware works, rebooting will clear out stages 2 and 3 and mitigate most problems. If you want to go a step further and remove step 1, you must reset your device back to factory defaults. If you are unsure how to complete this, contact the manufacturer of your device – usually it can be done by inserting a paper clip into the ‘reset’ button on the back or bottom of your device and holding it in place for a few seconds. This will return the device to it’s same condition as when it came out of the box new so any programming in place will have to be performed again.