Watch CBS News

FBI urges internet users to reboot their routers to stop Russia-linked malware

Routers may be infected with malware
Hundreds of thousands of routers may be infected with malware 01:21

The same group that hacked the Democratic National Committee ahead of the 2016 presidential election is now taking aim at the internet routers of everyday Americans, and the FBI put out an urgent message on Friday in the hopes of stopping it. The instructions are fairly simple: switch your router off, then turn it back on.

While a reboot is simple enough, the problem at hand is not. The U.S. Department of Justice points the finger at the so-called Sofacy Group, also known as A.P.T 28 and Fancy Bear -- hackers who operate under the guidance of Russia's military intelligence agency. This time around, its VPNFilter malware has already taken hold of hundreds of thousands of home and office routers globally.

Now, U.S. intelligence officials believe the Russia-linked malware poses a threat to American internet users in a number of concerning ways.

"VPNFilter is able to render small office and home office routers inoperable," reads the Justice Department's public service announcement. "The malware can potentially also collect information passing through the router."

That means the malware would be able to steal logins and passwords, and monitor industrial control systems, CNET reported.

Unfortunately, there's no easy way to tell if your router has been compromised by VPNFilter, according to CNET. Some models from Linksys, Mikrotik, Netgear, QNAP and TP-Link -- mostly older ones -- may be affected.

What's more, the FBI notes that it's difficult to detect and analyze the malware's network activity, thanks to "its use of encryption and misattributable networks."

The U.S. government says it has seized a critical web domain, called toknowall.com, which the Russian hackers were using to disseminate the malware.

So, now, when you reboot your router, it throws a kink in their system, essentially destroying the part of the malware that allows hackers to spy on your activities. The install package, on the other hand, will be left intact. After a reboot, when that package attempts to download the other nasty parts of the malware, the FBI will be able to trace it.

How do you reboot your router?

Rebooting is a pretty easy process, usually requiring little more than holding down a reset button on the router, CNET explains

But some security experts advise that a factory-reset is the only sure-fire way to purge VPNFilter from a router. Once that's done, you'll have to reconfigure all your network settings. Check your model's instruction manual for help with both steps.

Linksys also recommends changing the default password.

View CBS News In
CBS News App Open
Chrome Safari Continue
Be the first to know
Get browser notifications for breaking news, live events, and exclusive reporting.