A New Malware Threat Can Put Your Router at Risk

Written by
Matt Mone

Go Back

Yesterday, the FBI warned about a new major malware risk, called VPNFilter, which is estimated to have already infected half a million small business and home routers.

This new threat impacts some of the most popular router brands including: Netgear, TP-Link, Linksys, MicroTik, and QNAP network storage devices (see full list below). The malware can steal critical files from infected machines, wreak havoc on entire networks and has the possibility of knocking tens of thousands of computers offline.

Three quick tips to address the issue and protect your network:

1. Reboot your router and install new software patches – As an initial step, we recommend that you restart your router which removes part of the malware’s functionality. Next, lookup your router’s brand, model and serial number and download a patch directly from the manufacturer’s website. For step-by-step instructions on how to update your router’s firmware click here.

Links for how to update firmware for a specific manufacturer:

2. Change your router’s password, especially if you are still using the default password
Every router requires a username and password before you can access the settings. If you never changed this when you first configured the router, chances are the username is “admin” and the password is “admin” or “password.” For step-by-step instructions on how to change your password click here.

Links for how to change passwords for a specific manufacturer:

3. Disable the “remote management setting” – Most routers have a remote management feature that you will want to make sure if disabled on your router. Once you determine your login information and are able to access your advanced settings, click on the remote management tab to ensure that the check box for remote management is unchecked.

Applying these changes can be somewhat time consuming but it will ensure that you are not leaving your network vulnerable.

List of affected devices:

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

Have questions about this threat or want to learn more about how to protect your router? Contact us at insource@insourceservices.com or (781) 235-1490.