Did the Russians Hack Your Router?

Content provided by our partner Tom Bull, Two River Computer ~

It’s possible, but probably not based on what we know at this moment.  

However, as with many stories in the headlines of newspapers, TV and social media, the numbers and facts can change. It’s true. How many times have you read about a tragedy only to find it’s actually 10 times worse than originally reported? Likely because it’s more important to be first than to be accurate. It was originally reported that Russian hackers had attacked some internet routers. Now they are saying that even more countries were targeted than initially thought, though Ukraine was notably the largest. And the number of affected routers is growing.

So here’s what we know right now.  

On Friday, May 25, 2018, the FBI reported that hundreds of thousands of home and small office routers had been compromised by Russian computer hackers with malware called VPNFilter. The hackers' goals are typically to collect user data (browsing habits, identity info, passwords), shut down your network or attack another network using your devices.

Scary to be sure.

The original suspected intent of this attack was to target all those devices inside your home that connect to the internet and don’t have a person sitting at them.  Video cameras, nanny-cams, thermostats, speakers, alarms, personal assistants (Amazon Echo, Google Home), smart TVs and more can all become an army of robots that can attack and bring down websites and servers.  

Now they are saying that the attack can alter info you see on the internet if your network is compromised. Imagine seeing your bank balance at a steady number while the bad guys are siphoning off your money. You could even be making a purchase at a familiar place, but your payment is going somewhere else and you never get your item.

They are also saying even more countries were targeted than initially reported…and the total number of targeted routers now exceeds 700,000.  And the number of manufacturers named in the router list has expanded greatly from initial reports.

So now what?

We are all concerned, even if only mildly, that our money will get stolen or our identity will get hijacked while surfing.  My opinion is that I think we are all pretty safe. The same safe feeling you get when you get in your car and you buckle up and see that airbag light on.  But that doesn’t mean some idiot won’t hit us because they’re updating their Instagram while driving! We need to always be diligent even if we feel safe.

The fact is there are loads of safeguards to protect our online surfing. Your local computer has protection, your bank has protection, the Amazon web servers that all the big companies use have military-grade firewalls for protection, and Google is always on guard to secure its traffic. And even if something did happen to you, it can and will be fixed. It may be a colossal pain in the butt, but even an identity theft can be undone.

What we were told to do to fight this attack was to reboot (restart) our routers. Yup, simply unplug them from power, wait 30 seconds and then plug them back in. That action will “flush out” any malicious code that was injected into your router, for the time being. There’s software that runs on your router, called firmware. It should be updated if your router is on the list. And perhaps more importantly, the default administrative password that came with your router needs to be changed NOW! You may even want to consider performing a “factory reset” of your router, or better yet, getting a new router if this whole thing makes you nervous.

List of affected routers

You can contact the router manufacturer for assistance in upgrading firmware and changing the default password.  You can also call your local computer repair folks. They can handle this for you.

PLEASE NOTE: as of this writing, Verizon FiOS and Comcast/Xfinity routers ARE NOT AFFECTED, primarily because they have unique default passwords and firmware upgrades are handled directly by them.

So, will the list of affected routers get bigger?  Will the attack be more widespread? The FBI actually seized the server that started all this, but they believe the bad code is still out there and may even have a delayed payload and attack later on.  We feel that it’s better to be safe than sorry and you should do something if your router is on the list. Maybe even if it isn’t.

Heed the warnings and carry on. 


120 Fair Haven Road    Fair Haven, NJ 07704    (732) 747-0020

