Should you update your router?

posted by Stephan Thomasee on Thursday, June 28, 2018 in SHAZAM Blog

I ran across the following article, “Is Your Router Vulnerable to VPNFilter Malware?“ which was a bit of an eye opener, but not exactly a surprise in the big picture. I happen to use one of the devices in question (lucky me), so I’ve been following this issue.

In mid-May, the original guidance provided by the FBI was simple: just reboot your router. “Easy enough,” I thought, and I made it happen.

Fast forward a couple of weeks and it turns out there’s a bit more to it. We now have greater understanding of the malware. It’s turning out to be more capable than initially thought, has a much more complex mitigation path, and there’s an ever-expanding list of potentially vulnerable devices.

The article provides a good overview of the impacted devices and lists the latest mitigation information. I’d summarize it as follows:

  1. Apply the latest firmware.
  2. Perform a factory reset.
  3. Disable remote management, if applicable.
  4. Change the default admin password when reconfiguring the device.

This is a great example of the shifting landscape where consumer devices are becoming more attractive targets for attack. As the steps for mitigation become more complex, it’s likely that many of the devices will remain vulnerable for the foreseeable future.

It’s something to think about as we continue to add “internet of things” devices throughout our homes.


  1. malware
  2. router

SHAZAM, Inc. and ITS, Inc. provide this blog for general informational purposes only. Our blog may be shared by a direct link wherein the content remains as originally presented and has not been altered. SHAZAM, Inc. and ITS, Inc. assume no responsibility for errors or omissions in the contents on the blog. By using this blog, reader agrees that the information published does not constitute nor is a substitute for legal advice which should only be sought from a qualified, licensed attorney. 


comments powered by Disqus