Federal Bureau of Investigation warns of Russian malware attack on 'thousands' of routers

The encrypted malware has the potential to disrupt the router's functions and collect private information passing through the hardware.

Breaking the connection, though, is basically what you need to do, and the FBI's action in seizing the server spreading the malware means that your routers won't be reinfected once you reboot. The attackers slipped the malware onto routers that were still using default login credentials with remote access enabled, as well as those that simply had unpatched security vulnerabilities.

The FBI is warning that Russian hackers have infected routers, the devices that bring internet to our homes and offices.

According to a report by Ars Technica, the malware has infected at least 500,000 devices in the U.S. According to researchers from the security team at Cisco's Talos, the malware was most likely developed and launched by hackers working for "an advanced nation", which could be the Russian Federation. Compromised devices, however, remain infected.


However, the most worrying capability is that the malware allows its controllers to wipe a portion of an infected device's firmware, rendering it useless. QNAP storage devices are also known to be affected.

The government suggests that turning off your router for at least five seconds and turning it on again should disable the malware.

The agency has already pinpointed how the hackers got into the routers, and now it wants everyone to do a reboot. The alert also added that updating firmware on network devices should help. If any remote-management settings are in place, the Federal Bureau of Investigation suggests disabling them.
