Good news, everyone! Remember thatin response to Russian malware VPNFilter? Turns out, it's worse and many more people will have to do much more than just reboot their routers.
According to a new report from security firm Cisco Talos, "VPNFilter malware targets more vendors and models of devices than originally thought, and has additional capabilities, including the ability to deliver exploits to endpoints."
So if you have one of the affected routers ̵
Ugh. That'll fuck. But we can do it.
Step 1: Update Your Router's Firmware
In a sense, this is the easier step, as it can often be done inside the dashboard of your router. Firmware is just the core software that runs the router, and the update usually involves little more than a download and a few automatic router restarts.
Of course, if you have not even looked at this dashboard, then maybe it's time for a trip to the owner's manual – or the router manufacturer's online help pages.
Because the firmware update process varies from manufacturer to manufacturer, here is a brief, generalized overview based on updating an Asus WRT router.
Step 1: Visit the Asus Support website and download the latest firmware for your specific model.
Step ii: Open a browser window, enter 192.168.1.1 and press Enter . This takes you to the dashboard page of the router – but you may need a username and password to gain access. If you have never changed the default settings, you should be able to find them in the manual. (Often the default values are "admin" or "password".)
Step iii: Click the Administration button (again, only for Asus routers, on other models it could be configuration or firmware or similar), then ] Firmware Upgrade tab.
Step iv: Click Select File and locate the firmware file you downloaded in step 1. Then click Upload to perform the update.
This may take a few minutes and your router will probably be restarted at least once during the process. Needless to say, you will lose all internet connections during this time.
And this is just one example of the firmware update process. It's common, but the steps may vary for your model.
Step 2: Reset your router to factory settings
Now for the big hassle. You probably know that you can reboot or reset your router by unplugging the power cord for a few seconds and plugging it in again. But a Factory reset is a little different. True to its name, it returns all settings to their original state. Once it's done, you can set up the home network again.
Before you begin, make a note of the name and password for each Wi-Fi network currently configured on your router. You could only have one; I saw houses that had five. You should note these down so that you can literally rebuild them after resetting to factory defaults.
Why is that important? If your current "SmithLAN" network becomes "Smith LAN" after the reset (just because you forgot and added a space this time), you must now manually connect each device in your home to this "new" network. Hassle city.
The actual reset should be pretty easy. For example, some Linksys routers have a small reset button on the device. You press and hold it for 10 seconds and that's it. Alternatively, you may be able to log in to the dashboard and perform the reset from there. In the Asus example above, in step 3, you would click the Restore / Save / Upload tab and then the Restore button.
Consult the manual of your router (or the website of the router) again to review the steps to reset the model to factory settings.
Here are links to the support directories for some of the affected routers (see the next section for the full list):
When you're done, you'll need to go to the dashboard and rebuild your networks. Fortunately, should be protected from future attacks with your updated firmware and every trace of VPNFilter – from this particular malware anyway.
Which Routers Are Affected
By courtesy of Cisco Talos, you can find an up-to-date list of models that may be affected by VPNFilter. Those identified as new were not included in the original report.
- RT-AC66U (new)
- RT-N10 (new)
- RT-N10E (new)
- RT-N10U (new)
- RT-N56U new)
- RT-N66U (new)
- DES-1210-08P (new)
- DIR-300 (new)
- DIR-300A (new)
- DSR -250N (new)
- DSR-500N (new)
- DSR-1000 (new)
- DSR-1000N (new)
Mikrotik Netgear [DGN1000(new)
Qnap  TS251
TP-Link Upvel ZTE
Qnap  TS251
TP-Link Upvel ZTE
Qnap  TS251