Router Virus aka VPNFilter Malware

The Router Virus

Have you heard in the past few weeks about the router virus that is impacting hundreds of thousands of routers? The FBI issued a report recommending that everyone reboot their routers because:

“Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide.”

Over the past week or so, we’ve been getting calls from our customers who are very concerned about the router virus they keep hearing about.  And they’re right to be concerned.  The malware has been programmed into hundreds of thousands of routers. Big deal, right?  I don’t run any programs on my router.  I don’t store any of my data on my router.  It’s just that black box that sits in the corner that brings my WiFi signal from my ISP to my tablet. Completely harmless, right?

What can go wrong?

Well, no.  This particular router virus can make your router inoperable.  Even worse it can collect any information passing through the router. So it could possibly collect your ID and password for your bank account.

How do you protect yourself?

The FBI is recommending that you reboot your device, upgrade to the latest firmware, and change the router password to a super-super secure password.

How do you reboot your router?The Router Virus aka VPNFilter Malware

Rebooting your router is just like rebooting your computer.  Unplug the router (or turn it off if the on/off switch is clearly marked), Wait 30 seconds, then plug it back in.

Will a reboot of the router always work?

Several privacy and security companies are saying that a reboot does a partial job.  Apparently, a router has two kinds of memory: Volatile and non-volatile memory.  Sometimes the router virus will also write data to the non-volatile memory too.  A reboot will clear volatile memory only.  In order to clear non-volatile memory, you’ll need to reset your router.

Should I reset my Router instead?

A router reset is more complicated than just turning the device off and on.  You’ll need to enter certain information and follow certain steps. ESET (the company we like for antivirus software) has provided instructions for performing the reset.  You can find them in this article.

Which routers have this virus?

ESET has published a list of routers known to be infected with the router virus.  There are probably many others and the best thing would be for you to reboot your router regardless of which model you have.  Here is the list from ESET:

  • “Asus: RT-AC66U, RT-N10, RT-N10E, RT-N10U, RT-N56U, RT-N66U
  • D-Link: DES-1210-08P, DIR-300, DIR-300A, DSR-250N, DSR-500N, DSR-1000, DSR-1000N
  • Huawei: HG8245
  • Linksys: E1200,  E2500, E3000, E3200, E4200, RV082,  WRVS4400N
  • Mikrotik: CCR1009,  CCR1016,  CCR1036,  CCR1072, CRS109, CRS112, CRS125, RB411, RB450, RB750, RB911, RB921, RB941, RB951, RB952, RB960, RB962, RB1100, RB1200, RB2011, RB3011, RB Groove, RB Omnitik, STX5
  • Netgear: DG834, DGN1000,  DGN2200, DGN3500, FVS318N, MBRN3000,  R6400,  R7000,  R8000,  WNR1000,  WNR2000, WNR2200, WNR4000, WNDR3700, WNDR4000, WNDR4300, WNDR4300-TN, UTM50
  • QNAP: TS251, TS439 Pro, Other QNAP NAS devices running QTS software
  • TP-Link: R600VPN, TL-WR741ND, TL-WR841N
  • Ubiquiti: NSM2, PBE M5
  • Upvel: according to Talos, malware targeting Upvel as a vendor has been discovered, but researchers have not yet determined which devices are targeted.”

Will you reboot your router or re-set it?

If you decide you want to “re-set” your router rather than “reboot” it, let us know if you need help.


Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past fifteen years. His company is highly rated by both the BBB (Better Business Bureau) and by Angie’s List. You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free 2-3 day shipping and the online streaming. I haven’t tried the Kindle lending library yet.  I’ll try that next!   Prime is normally $119/year ($59 for students!), but you can try it for 30 day for free by clicking on this link: Try Amazon Prime 30-Day Free Trial (Any links to products or services in this post may be affiliate links. If they are, we may receive a small commission when you click on it. Rest assured, your price will be the same!)  If you’d like to receive our newsletters in your email, please click here.

1 reply

Trackbacks & Pingbacks

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *