Reboot Router to disrupt Russian malware

DeafDucky

Well-Known Member
#1
Good advice.

I'll be doing it later today. Even if you think you aren't affected- can't hurt to do this anyway.

https://www.inc.com/minda-zetlin/fb...alware-vpnfilter-sofacy-group.html?cid=hmsub3

If, like millions of Americans, you have a router in your home or office, it might already be infected by Russian malware named VPNFilter. VPNFilter can interfere with your router's functioning, spy on information being sent over the router, and even render it "inoperable," according to an FBI statement about the threat.
But there's a simple step you can take right now that will likely prevent damage: Reboot your router, which can usually be accomplished by unplugging its power cord for 10 seconds and then plugging it back in. Why will this help? Because the Justice Department recently obtained a court order allowing it to take possession of a key domain name used by the malware to remotely take control of routers. Rebooting your router will disrupt any malware currently on it, and the DOJ seizure should prevent the Russian malware from re-installing itself, at least for now, according to The New York Times.
The Times reports that the malware is being spread by the Sofacy Group, which hacked the Democratic National Committee before the 2016 election and is thought to be controlled by Russian military intelligence. An analysis by Cisco's threat intelligence group says that VPNFilter has already taken control of at least half a million routers in countries around the world. It says that many popular router brands were infected, including Linksys, MikroTik, Netgear, and TP-Link.
In addition to a reboot, the FBI also recommends the following:
1. Update your router's firmware.
Make sure your router and any other network devices you are using are updated to the latest firmware.
2. Double down on security.
Change your router password to a strong one, if it isn't already. And enable encryption, if that's available on your device.
3. Disable remote management.
The FBI suggests that you consider disabling your router's remote management features. If you can get along without remote management, this sounds like a very good idea.
 
#2
Interesting I will power down the router AND my switch before I go to bed just to be safe. But how on earth do you get into the router and switch itself to check the Firmware and so on?
 

Calvin

In Hazzard County
Super Moderator
Premium Member
#3
That's what I did the other day.

To check firmware, you'd need to login your router.. I know Netgear uses routerlogin.net or something to access your settings and firmware. I'm not sure if that works for different brands of router. Google can help you how to get in your own router.
 

DeafDucky

Well-Known Member
#4
yes-- most if not all routers have a website or web page (most are at 192.68.1.1 or 192.68.1.100 regardless of brand- it's connected to your own router and is not affected by anyone else (ie I can't see into yours and you can't see into mine lol).

On that page you can look and see about updating firmware and anything else including adding passwords or changing settings. I take care of it here as dad is not into all that lol.