As news has broken about the FBI’s warning to consumers and small business owners about rebooting their routers, many have reached out to Axiom to ask what do they need to do. Our advice to them is what the FBI has recommened: if you have one a cable modem or router at home, do a quick unplug/replug of the router (D-Link, NetGear, etc). The good news is the FBI has taken control of the domain that was harvesting the information so even if you were infected, the FBI is just collecting information to find how widespread the infection was (500,000 devices are suspected to be infected).
What is VPNFilter?
VPNFilter is a malware, that contains a killswitch for routers (meaning it can permanently shutdown your device) and it also could steal usernames and passwords. The infection appears to be hitting Ukraine hard but has been found in 54 countries.
There is some good news for some users. If you have kept on top of firmware updates and changed the default credentials on your devices, you may be protected. But as we know, most of us never log in and update our cable modem’s firmware.
Axiom’s customers are protected from VPNFilter through a combination of rules that restrict access to our devices as well as addition of the known bad addresses to our blocklists.