It’s not often that the US Justice Department or FBI pleads with the public to do something, so when this happens, it’s worth paying attention. This past week, the agency managed to thwart a botnet called VPNFilter by deactivating a domain that would have sent further instructions to routers belonging to ordinary folk like you and me. A problem still remains, though, and it’s the one the these agencies want help with.
Even though the malicious domain was killed off, thousands of home routers remain infected with the malware that made them susceptible to that kind of attack to begin with. Because the bug is severe enough, router vendors have been issuing firmware updates to remedy the issue. However, sometimes firmware will not apply until the router is rebooted – and that’s where you come in.
A hacker group called Sofacy targeted a wide-range of hardware with its attack, with Belkin, Linksys, MikroTik, Netgear, TP-Link, and QNAP all affected. If you own a device by any one of these companies, it doesn’t mean that you’re infected, but if it’s non-consequential to reboot your device, we’d highly encourage that you do so immediately. Ultimately, if you remain infected, you’re still at risk, even if the guilty, nefarious domain has gone poof.
It’s important to note that with the QNAP mention, this issue isn’t only affecting routers; it’s also affecting some NAS systems as well. If you’re a power user, you can manually make sure that all of your devices have their most up-to-date firmware, and then you should be able to relax. Otherwise, automated security patches should be pushed through to any/all your devices if you force an update.
Even if none of your equipment matches the vendor names above, it’s still worth considering rebooting your network devices, if you can do it without disrupting something. It seems like a very small price to pay for potentially enhanced protection (and maybe your device will appreciate the refresh anyway).