The known devices affected by VPNFilter are Linksys, MikroTik, NETGEAR and TP-Link networking equipment in the small and home office (SOHO) space, as well as QNAP network-attached storage (NAS) devices.
Although the specific way that the devices are affected are unknown,
The malware has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en-masse, and has the potential of cutting off internet access for hundreds of thousands of victims worldwide.
According to the FBI, the best steps to stop or prevent the malware include:
- Reboot the potentially compromised router
- Upgrade the firmware to the latest provided by the Manufacturer IMMEDIATELY
- Disable remote-management functionality
- Disable UPnP
- Enable encryption
- Use a strong password
- DO NOT USE DEFAULT PASSWORD ON YOUR DEVICE