The FBI recently put out a public service announcement saying "the malware is able to perform multiple functions, including possible information collection, device exploitation and blocking network traffic". The attackers slipped the malware onto routers that were still using default login credentials with remote access enabled, as well as those that simply had unpatched security vulnerabilities.
The FBI warned that foreign cybercriminals had compromised "hundreds of thousands" of home and small office router devices around the world that direct traffic on the internet by forwarding data packets between computer networks. It says that many popular router brands were infected, including Linksys, MikroTik, Netgear and TP-Link.
The US Federal Bureau of Investigation issued an advisory on Friday urging owners of small-office and home-office routers to reboot their devices.
Rebooting a router clears the "advanced" stages of VPNFilter from a device, but the first stage remains in place.
But there's a simple step you can take right now that will likely prevent damage: Reboot your router, which can usually be accomplished by unplugging its power cord for 10 seconds and then plugging it back in. The cyberattack was discovered by Cisco's Talos division, which said at least 500,000 routers in 54 countries have been infected.
The FBI says Russian hackers are getting into homes and businesses across the U.S.
To disrupt the Sofacy network, the Justice Department sought and received permission to seize the web domain toknowall.com, which it said was a critical part of the malware's "command-and-control infrastructure". Upgrading the router's firmware and changing the password will also help secure your device.