It’s not everyday that you wake up to the FBI publicly warning everyone that hundreds of thousands of routers across the world have been infected with dangerous malware. And yet here we are.
UPDATE: Initially, we reported that the hack was thought to affect routers made by Netgear, TP-Link, Linksys, MikroTik and QNAP. Now it's been discovered it also affects ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE routers.
The excellent Ars Technica has a full and updated list of affected router models. It's... long.
What is VPNFilter? (and what on Earth is going on?)
The Federal Bureau of Investigation (but you can call them FBI, really, they don’t mind) has issued a public warning, telling people they have found a new kind of malware infiltrated into at least 500,000 consumer routers — the kind normal people have at home.
This means that your very own home router — that little blinky plastic box with one or more antennas and cables coming out of it and a finger-thick layer of dust (no? just mine, then? mkay) — could be infected with VPNFilter, a strand of malicious software apparently developed by hackers working closely with everyone’s favorite digital problem child global superpower.
What does this VPNFilter malware do to my router?
A number of fun things such as: commanding your devices as part of a zombie army to launch massive attacks (what's known as a botnet), pulling off man-in-the-middle attacks to collect your files and data (including login details and passwords), hijacking your internet connection, and potentially taking full control of your router and blocking it forever, thus killing your Wi-Fi which is just pure evil.
Is my router infected with VPNFilter malware?
We know the malware can affect routers made by Netgear, TP-Link, Linksys, MikroTik, QNAP, ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE. For specific models, see Ars Technica's full list.
While it seems VPNFilter attacks routers that people bought themselves — in stores and online — there is a possibility it may also affect your router if you got it directly from your internet provider.
How can I secure my router against this malware?
Now some good news at last, because neutralizing VPNFilter is super easy: you just have to reboot your router. Reboot, restart, power cycle, switch it off and then back on… it all means the same thing: just unplug your router, wait ten seconds or so, plug it back on, and you’re good.
Really? That’s all it takes?
Yes. *insert shrug emoji*
OK, no. If you want to be on the safe side, then reboot your router AND update your router with any and all security patches issued by the manufacturer AND change the default password to something not defaulty AND disable remote management in your router settings page.
When in doubt, contact your router manufacturer. They should be on top of this now, and will be able to help you update your firmware.
But what about my data and my passwords and all that? What can I do to protect them against router malware of this kind?
A VPN can help. A Virtual Private Network is an app that you can download and install onto your PC, laptop, smartphone or tablet. With one click, it covers everything you do online under a thick encryption blanket, so nobody that’s managed to hack into your router can see or understand anything you do — not your login details, your browsing, your messages… nothing. We know a great VPN you can try for free.