FBI warns consumers about massive malware attack happening now from Russia

If you’ve been paying attention to the news recently, you’ve heard lots of horror stories about Russian hackers. In fact, Kim Komando warned you about Russian hackers targeting routers first.

Well, as usual, Kim was right. The rest of the world is learning that her warnings were precise.

Security researchers are sounding the alarm that over 500,000 routers have already been hacked, and that number could be much higher. We could be looking at the next cybersecurity crisis!

Russian hackers are on the prowl

Security researchers at Cisco warned this week that Russian hackers have infected at least half a million routers across the globe with malicious software. There are victims of the attack in dozens of countries, including the U.S. It’s suspected that the compromised routers will soon be used in a major cyberattack, possibly against Ukraine.

The malicious attack is being dubbed “VPNFilter.” The Russian government is presumed to be behind it. That’s because the malware uses code found in previous cyberattacks carried out by Russia.

If your router is infected with this malware it could be used for interfering with internet communications, spying, or DDoS attacks. A similar DDoS attack happened in December 2015 in Ukraine when part of its energy grid was targeted.

The VPNFilter malware gives hackers remote access to infected devices. It also has an auto-destruct feature, which lets the cybercriminals delete the malware along with other software on an infected device, leaving it inoperable.

Once your router is hacked, criminals can execute these attacks:

  • identify other vulnerable devices in the network
  • read your gadget configurations
  • map your internal network
  • harvest usernames and passwords
  • impersonate administrators
  • modify firmware
  • modify operating systems
  • change configurations
  • spy on your traffic and redirect it through Russian-controlled servers

More malicious things hackers can do with your router

As you can see, when your router is compromised, a hacker can do all sorts of malicious activity. Not just on the router itself, but on every connected device in your network. Here are more malicious things that your compromised router can be used for.

DNS hijacking

One of the more popular router hacking techniques is DNS hijacking. DNS hijacking of unsecured Wi-Fi routers is nothing new, of course, and we’ve talked about this technique before with malware like Switcher and other malicious DNS changers.

It’s when hackers alter your router’s DNS settings to intercept your traffic, then redirect you to fake versions of legitimate sites designed to steal your credentials. This includes banking information, and even the codes you use for two-factor authentication.

Basically, if your router’s DNS servers have been switched to the attackers’, they can hijack and redirect all your traffic to any site they want. It’s a serious problem, indeed. Once your router is compromised and its DNS settings altered, potentially all of the computers and gadgets in your network can be exploited and targeted.

DDoS attacks

Another common use for router hijacking is executing distributed denial-of-service (DDoS) attacks.

DDoS is an attack where a targeted website is flooded by an overwhelming number of requests from millions of connected machines in order to bring it down. Traditionally, these attacks are launched from compromised computers and mobile gadgets collectively nicknamed a “botnet.”

This means unsecured routers, printers, IP web cameras, DVRs, cable boxes, connected “smart” appliances such as Wi-Fi light bulbs and smart locks can be hijacked and involved in cyberattacks without the owner knowing about it.

Ways to protect your router

Here are various ways to shield your router from attacks, making it harder to infiltrate and hack.

Update your firmware regularly

With hackers constantly looking for firmware flaws to exploit, keeping your router’s firmware up to date is a must.

The process is not as hard as it sounds. Once you’re in the router’s admin page, check for a section called “Advanced” or “Management” to look for firmware updates, then just download and apply as required.

You should check for router firmware updates at least once every three months.


Change the default passwords

When you installed your router, did you remember to do this one critical step – changing its default administrator password?

Basically, if someone other than you can get into your router’s admin page, they can change any setting they want.

Make sure you’ve changed the default router password. Every hacker worth his salt has access to all the default passwords of every router brand, so you need to create one of your own that’s strong.


Turn off remote administration

While you’re in your router’s administrator page, you can turn off remote administration for better security.

Remote administration is a feature that allows you to log into your router over the internet and manage it. If you’ve ever called tech support, you may have experienced something similar. Remote administration is a handy tool, especially when you need to fix a problem, but it leaves your computer vulnerable to hackers.

Unless you absolutely need it, turn this feature off. You can find this under your router settings, usually under the “Remote Administration” heading.

While you’re at it, you can turn off older internet management protocols like Telnet, TFTP, SNMP and SMI.

Check your DNS settings

To check your router’s DNS settings, use an online tool.

To prevent threats from misconfigured DNS settings, you can also manually review your DNS servers and change them to secure ones like Cloudflare or Quad9.
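The manual review described above can be scripted on a computer inside the network. The following is an added example, not part of the original article: it reads resolv.conf-style text and labels each configured DNS server. The function names, the labels and the sample input are this example's own, and 203.0.113.53 is a documentation-range address standing in for an unrecognized server.

```python
import ipaddress

# Resolvers the article recommends (Cloudflare, Quad9); extend with your own choice.
TRUSTED = {ipaddress.ip_address(a): n for a, n in {
    "1.1.1.1": "Cloudflare", "1.0.0.1": "Cloudflare",
    "2606:4700:4700::1111": "Cloudflare", "2606:4700:4700::1001": "Cloudflare",
    "9.9.9.9": "Quad9", "149.112.112.112": "Quad9", "2620:fe::fe": "Quad9",
}.items()}
# Address ranges where a home router normally lives.
LAN_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7", "fe80::/10")]
# Constructed sample input; on Linux/macOS read /etc/resolv.conf instead.
SAMPLE = """\
nameserver 192.168.1.1
nameserver 9.9.9.9
nameserver 203.0.113.53
; disabled entry
nameserver not-an-ip
"""

def parse_nameservers(text):
    """Return nameserver values from resolv.conf-style text, skipping comments."""
    servers = []
    for line in text.splitlines():
        parts = line.strip().split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            servers.append(parts[1].split("%", 1)[0])  # drop IPv6 zone id
    return servers

def classify(server):
    """Label one resolver: trusted:<name>, local-stub, router, unknown-public, invalid."""
    try:
        ip = ipaddress.ip_address(server)
    except ValueError:
        return "invalid"
    if ip in TRUSTED:
        return "trusted:" + TRUSTED[ip]
    if ip.is_loopback:
        return "local-stub"   # local caching stub; check its upstream separately
    if any(ip in net for net in LAN_NETS):
        return "router"       # router forwards queries; verify ITS DNS setting in the admin page
    return "unknown-public"   # not on the allowlist: confirm it is your ISP's or one you chose

def audit(text):
    return {s: classify(s) for s in parse_nameservers(text)}

if __name__ == "__main__":
    for server, label in audit(SAMPLE).items():
        print(f"{server:20} {label}")
```

A "router" label only shows that the device asks the router; if the router's own DNS setting has been changed, that is visible only on the router's admin page.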


Turn on your guest network

There is another simple way to protect your more critical personal devices. Just put them on a separate network that’s different from your main one.

You can do this by setting up a completely different Wi-Fi router or by simply enabling your router’s “Guest Network” option, a popular feature for most routers.

Guest networks are meant for visitors to your home who might need a Wi-Fi internet connection but you don’t want them gaining access to the shared files and devices within your network.

This segregation will also work for your smart appliances and it can shield your main devices from specific Internet-of-Things attacks.

