Today the FBI advised that everyone reset their routers, put a new/strong password in, and disable remote access. They are fighting Russian Malware that affects a half million routers and apparently this will help. No harm in resetting anyways.
“The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices,” the bureau’s cyber division wrote in a public alert.
“Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.”
This is a list of routers known to be vunerable by Symantec. These are just the known ones, not all of them.
Linksys E1200
Linksys E2500
Linksys WRVS4400N
Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
Netgear DGN2200
Netgear R6400
Netgear R7000
Netgear R8000
Netgear WNR1000
Netgear WNR2000
QNAP TS251
QNAP TS439 Pro
Other QNAP NAS devices running QTS software
TP-Link R600VPN
I think I read somewhere that they seized the main server that communicates with the malware. So when you reset the infected router, it tries to communicate with that server. They can see it and fight it.
Do the mods a favor and don’t discuss politics here. I just wanted to put a friendly PSA out there