Today the FBI advised that everyone reset their routers, put a new/strong password in, and disable remote access. They are fighting Russian Malware that affects a half million routers and apparently this will help. No harm in resetting anyways.
“The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices,” the bureau’s cyber division wrote in a public alert.
“Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.”
This is a list of routers known to be vunerable by Symantec. These are just the known ones, not all of them.
Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
QNAP TS439 Pro
Other QNAP NAS devices running QTS software
I think I read somewhere that they seized the main server that communicates with the malware. So when you reset the infected router, it tries to communicate with that server. They can see it and fight it.
Do the mods a favor and don’t discuss politics here. I just wanted to put a friendly PSA out there