FBI want you! To reboot your router and update it's firmware.

[em2nought]

https://www.cnet.com/how-to/the-fbi-say ... hould-you/

Last Friday, the FBI issued a report recommending that everyone reboot their routers. The reason? "Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide."

[Smoove_B]

Yeah, I got the message this morning via my toaster. Thanks FBI!

[Daehawk]

Read it on my local news online site. My stuff is working fine so think I may skip doing it. Anyways its the FBI. They probably want you to do it so their stuff can go on it

[Blackhawk]

Read it on my local news online site. My stuff is working fine so think I may skip doing it.

Most high-end malware is designed specifically so that your stuff will work fine. It wouldn't be very useful if it announced its presence by causing your hardware to act up. They aren't asking you to rewire your house, just unplug it, count to 30, and plug it back in. I do that every few weeks anyway.

[Max Peck]

VPNFilter

For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor's widespread use of a sophisticated modular malware system we call "VPNFilter." We have not completed our research, but recent events have convinced us that the correct way forward is to now share our findings so that affected parties can take the appropriate action to defend themselves. In particular, the code of this malware overlaps with versions of the BlackEnergy malware — which was responsible for multiple large-scale attacks that targeted devices in Ukraine. While this isn't definitive by any means, we have also observed VPNFilter, a potentially destructive malware, actively infecting Ukrainian hosts at an alarming rate, utilizing a command and control (C2) infrastructure dedicated to that country. Weighing these factors together, we felt it was best to publish our findings so far prior to completing our research. Publishing early means that we don't yet have all the answers — we may not even have all the questions — so this blog represents our findings as of today, and we will update our findings as we continue our investigation.

Both the scale and the capability of this operation are concerning. Working with our partners, we estimate the number of infected devices to be at least 500,000 in at least 54 countries. The known devices affected by VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link networking equipment in the small and home office (SOHO) space, as well at QNAP network-attached storage (NAS) devices. No other vendors, including Cisco, have been observed as infected by VPNFilter, but our research continues. The behavior of this malware on networking equipment is particularly concerning, as components of the VPNFilter malware allows for theft of website credentials and monitoring of Modbus SCADA protocols. Lastly, the malware has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide.

[Daehawk]

No I mean all my stuff is working fine and if I reboot that router Im most likely going to have to reconnect the printer and tablet and anything else around here Ive forgotten about....Xbox is one. Also mine is Asus and its not mentioned about. I guess I need to see what this stuff is supposed to do. If its just sitting there then what do I care. Must be doing something though. Ill look into it.

At least more things reconnect on their own now days.

[Unagi]

No I mean all my stuff is working fine and if I reboot that router Im most likely going to have to reconnect the printer and tablet and anything else around here Ive forgotten about....Xbox is one. Also mine is Asus and its not mentioned about. I guess I need to see what this stuff is supposed to do. If its just sitting there then what do I care. Must be doing something though. Ill look into it.

At least more things reconnect on their own now days.

This:

components of the VPNFilter malware allows for theft of website credentials and monitoring of Modbus SCADA protocols. Lastly, the malware has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines

[Daehawk]

Welp no time like the present