Blog Russian hackers may have infected your WiFi router — here’s how to protect yourself
Robert Siciliano June 11, 2018

Russian hackers may have infected your WiFi router — here’s how to protect yourself

When the FBI released a report to tell the nation that we should reboot our routers due to an attack from Russian hackers, it was incredibly alarming. But now, it looks like the threat could be much more serious than we originally feared.

What is VPNFilter?

The threat is a type of malware called VPNFilter. It was initially reported that more than half a million WiFi networks throughout the U.S. were affected. However, this malware received an upgrade and is now thought to be able to affect 71 types of routers (rather than the 16 we previously thought). This means that the 500 million number is actually grossly underestimated.

The dangerous malware can stop your home or small business router from working, and it can collect information that is sent through the router. It is strongly believed that the Sofacy Group of Russian hackers are responsible for this attack.

Are you affected?

The bad news is that there is no easy way to know if your router is affected by VPNFilter. But, certain manufacturers are affected more than others. These include popular routers made by Netgear, Linksys, QNAP, Mikrotik, TP-Link, and more. For an updated list of routers, check out this report here.

Could a reboot fix the problem?

Sources, including the FBI, are advising people who might be infected to reboot their routers. But can this simple step really work to stop VPNFilter?

Rebooting your router definitely won’t hurt anything, but a simple reboot won’t fix the issue completely. Some of the code is destroyed, but parts of it will continue to remain. In fact, the FBI came out again and said that a reboot will only “disrupt” the processes of the malware. It doesn’t completely remove the malware, which is what many people believed. Fortunately, there is another option that you can use.

Instead of just rebooting your router, you should reset it through a factory reset. This will get the malware off of your router, but it’s a process that is a pain in the neck as you then have to reconfigure all of the settings on your network. This might not affect everyone, but for people who have taken the time to configure a router, you will have to go through all of the steps again. So back up your router settings, save the file, reset it, then install it again.

Other steps you need to take

There are other things that router manufacturers recommend. For instance, Linksys, one of the manufacturers that are affected by this, says that people who own a Linksys router should update to the latest firmware, and then do the factory reset. The manufacturer also recommends that people change the default password to something different. Other manufacturers recommend similar steps, so you should do this regardless. After all, no one wants Russian hackers secretly tracking their activities, so make sure your connection is secure.

To keep your devices protected against hackers, download Hotspot Shield VPN for free today.  

Download Hotspot Shield for FREE

Robert Siciliano
About Robert Siciliano

Robert Siciliano is an Identity Theft expert consultant to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him discussing internet and wireless security on Good Morning America. FInd Robert Siciliano on Google+

View all posts by Robert Siciliano
Subscribe to our newsletter

Become a Hotspot Shield insider to get the latest news, updates, and special offers delivered directly to your inbox.