Users are being encouraged to reboot their routers following a statement from the FBI. Russian malware has infected many hundreds of thousands of devices which will ultimately lead to an army of routers (Botnet) that collects people’s information by monitoring user activity.
Updating to latest firmware will protect users in most cases. It is also good to maintain strong passwords for the routers to help ensure good security practice. This process will also help authorities to find the root of the issue.
The warning was issued with a court order that allowed the Federal Bureau of Investigation to seize the devices and remove malicious communications, however there are many routers still infected despite the warning being issued on Friday.
Many infections were detected from more than 50 nations, It would seem that Russia’ primary target was Ukraine which is currently facing the most infections.
The hacker alias behind this malware is called Sofacy which is currently working with the Russian government. The group is also known for the APT28 and Fancy Bear which are one of the Russian Hacks on Democratic National Committee during the 2016 U.S Election.
Cisco systems have issued a statement saying that the Campaign targeted the devices from Belkin International, Linksys, Netgear and TP-Link.
The FBI is also asking ISPs to secure their routers as they may be operating routers containing malware. Cisco has released technical details of its investigation and the ways that routers can be affected by the malware.