The FBI has recently warned Americans that the same hackers behind the 2016 DNC hacks during the presidential election are now going after home and commercial Wi-Fi routers. The law enforcement agency warned everyone to turn off their router and turn it back on. This is said to clear the router's cache, which prevents the hack from being successful.
This simple fix, unfortunately, is only technical. The US DOJ has identified the culprits of the hacks as the Sofacy Group, also known as APT 28 and Fancy Bear. These hackers are directly employed by, or at least affiliated with, the Russian national security services. In this particular hack, the Kremlin-affiliated groups have infected millions of home and business routers across the globe.
The FBI and other US intelligence agencies have proof that the malware from these state-sponsored hackers threatens the people of the United States in a number of ways. The name of the current malady is “VPNFilter”. The malware shuts down the router that it infects and also collects any information sent between that router, connected devices, and the internet.
This means that any website logins, passwords, confidential numbers, etc. could be stolen using this malware. The tools available to the vast majority of consumers cannot detect this virus. However, resetting your router deletes part of the program that causes the problem. The issue is that this solution does not permanently delete the file; it essentially treats the symptom and not the cause.
The ongoing cyber crisis between the United States and Russia is shaping up to be another front in Cold War 2.0. This hack is designed to scrape as much personal information about users in the United States as possible. The aim is to steal financial information like bank accounts, credit card numbers, etc. The attackers also look for compromising material in order to gain leverage during negotiations.
The FBI recommends that, if you believe you are infected with this malware, you wipe and reinstall the OS of both your internet-connected devices and router. This is the only currently known solution that will completely remove the program. You can also reset your router as a short-term solution, but this will not permanently remove the malware.