The U.S. Federal Bureau of Investigation recently urged all internet users to take steps to guard their home and office routers from an attack by foreign cyber actors.
In a May 25 statement, the FBI said foreign cyber players used a malware program known as "VPNFilter" to target "hundreds of thousands" of small office and home office routers and other connected devices worldwide. Anyone using a small office or home router was advised to reboot their devices, update their firmware and consider disabling the ability for the devices to be remotely accessed.
The FBI's warning came two days after Cisco Systems Inc.'s Talos Intelligence Group issued a report that estimated at least 500,000 in more than 50 countries had been infected with the VPNFilter malware.
"[VPNFilter] has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide," Talos' report read.
The U.S. Justice Department in a May 23 statement linked the spread of VPNFilter to an organization known as the "Sofacy Group," which has been operating since at least 2007, and targets "government, military, security organizations, and other targets of perceived intelligence value."
Officials said the U.S. Attorney's Office for the Western District of Pennsylvania has obtained court orders allowing the FBI to seize a domain that is part of the malware's command-and-control infrastructure. This will allow officials to redirect the malware's attempts to reinfect devices to an FBI-controlled server, so that the devices are protected from being infected again after rebooting.
