After it was reported that the
VPNFilter botnet consisting of over 500,000 routers and NAS devices was taken over by the US government, the FBI issued an advisory stating that users should reboot their routers in order to disrupt the malware.
Unfortunately, as shown by the five phone calls I received today, many people heard the reboot part, but did not read the rest of the recommendations of turning off remote administration, changing passwords, and upgrading to the latest firmware. One step that was not mentioned is the fact that the only way to truly remove VPNFilter is to reset the router to factory defaults.
Due to this, people are just resetting their routers, but leaving part of the malware still present after it is rebooted. With that said, I have put together a guide on VPNFilter, what the
FBI advisory is about, and the steps you should perform to clean and secure your router.
