Foreign cyber actors compromised hundreds of thousands of home and office routers and used VPNFilter Malware as the method of attack, according to the FBI.
VPNFilter malware is a new threat that targets a cluster of routers and makes them unusable, the cybersecurity company Symantec said. It can persist on the device even after a reboot, the company added.
Symantec advises rebooting the device and, if the problem persists, resetting it, which will wipe the device clean. The company also recommends backing up any configuration details or credentials stored on the router first, because the reset will erase them.
The VPNFilter malware can affect routers made by Linksys, Mikrotik, and Netgear, Symantec said.
QNAP, another one of the router companies affected, put out a security advisory telling customers to install its updated malware remover and to change the password if they are using a default password.
Cisco's Talos Intelligence estimates in its analysis that 500,000 devices are infected with this specific type of malware and that they are operating in at least 54 countries.
“The FBI will not allow malicious cyber actors, regardless of whether they are state-sponsored, to operate freely,” said FBI Special Agent in Charge Bob Johnson in a statement. “These hackers are exploiting vulnerabilities and putting every American’s privacy and network security at risk.”
The group has been operating since 2007 under the names "Fancy Bear," "apt28" and "sednit," among others, according to the Department of Justice. It targets government, military and security organizations as well as "other targets of perceived value."
“The Department of Justice is committed to disrupting, not just watching, national security cyber threats using every tool at our disposal, and today’s effort is another example of our commitment to do that,” said Assistant Attorney General for National Security John Demers in a statement. “This operation is the first step in the disruption of a botnet that provides the Sofacy actors with an array of capabilities that could be used for a variety of malicious purposes, including intelligence gathering, theft of valuable information, destructive or disruptive attacks, and the misattribution of such activities.”