Meet VPNFilter: A Malware That Could Destroy Your Router

Your router contains a treasure trove of information hackers want to access. In keeping with the spirit of this, the FBI announced a warning this past weekend, as they discovered a new malware variant VPNFilter from the Russian hacking group Sofacy.

What is VPNFilter?

VPNFilter is malware Sofacy uses to infect routers. Once infected, the malware collects traffic such as website credentials, according to ZDNet. In addition, the FBI warns the most damaging aspect of this malware is it gives hackers the opportunity to destroy or wipe out a single router.

Why is this important? Well, if you’re running a small business and you fall victim to VPNFilter, not only could you lose your internet access, which would slow down or stop your company’s operations depending on how much of it is online, but it could also mean hackers can access sensitive data.

Remember, part of the risk with this malware is it collects website credentials. This means it could log information when you access online banking or your email that might contain sensitive company information. Overall, not only could debilitate operations, it could make your information available to the highest bidder as well.

What Routers Are Affected?

The FBI released a list of the affected routers. This includes the following models:

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • MikroTik Router OS for Cloud Core Routers: Versions 1016, 1036, 1073
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • QNAP devices running on QTS software, according to ZDNet
  • TP-Link R600VPN

“The FBI recommends any owner of a small business or home office routers to reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices,” the FBI announced. By doing a reboot, ZDNet reports it will remove Stage 2 and Stage 3 components of the malware from the infected router.

That said, if your router has a Stage 1 infection of the VPNFilter, the reboot won’t remove it. Instead, it gives the opportunity for hackers to reinfect these routers anytime they want.

Along with rebooting routers, the FBI recommends, “Owners are advised to consider disabling remote-management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest versions of firmware.”

What To Do When Becoming a Victim of Malware

Having malware on your device can make you feel helpless. After all, you won’t have access to your files and with some variants, they render your device useless.

However, it’s important to refrain from panicking as the team at Outsource Data Recovery can help. We have extensive experience in recovering files from corrupted devices; it’s why government agencies, private companies, and personal users entrust us with their devices.

Along with expedient recovery, you’ll find the process to be informative and transparent. So, when the unthinkable happens, know someone has your back. Contact Outsource today to learn how we can help.