[Security Advisory] Home users and small businesses routers may be infected with malware
-
Friday, 25th May, 2018
-
18:39pm
On May 25th, 2018, the FBI released a statement via the Internet Crime Complaint Center instructing all small business and home users to reboot their routers immediately. There is a high likelihood that your small business or home router is affected by this malware. The malware discovered can only persist a reboot if it is able to contact a remote domain name, which the FBI has now seized; thus, if you reboot your router the malware will be rendered inert.
Our recommendations:
- Reboot your router as soon as you are able, both at home and in your business (unplug it and plug it back in).
- Make sure an administrative password is set on your home and business router that is not the default.
- Upgrade the firmware on your router if possible. Some routers require accessing their web interface to do this. Some routers (such as Google WiFi, Linksys Velop, Netgear Orbi) allow you to do this within an app.
- For our customers whom we have installed networking infrastructure - your networks have been patched and rebooted.
Some helpful links on changing your router password (this is not your WiFi password):
Generally, browsing to http://192.168.1.1 or http://10.0.0.1 will get you to your router's admin interface, where you should be able to find a link to change the router's password.
General Security Tips:
- Use a password manager (LastPass, Dashlane, & 1Password are all great options).
- Change the default password on your devices (be it computers, routers, etc.).
- Don't use the same password for different websites (or if you do in fact do this, at least use a different password on banking websites & other high-security websites).
- Regularly install updates (Windows, Mac, iPhone, Android). Devices that are not updated are vulnerable to attack.
