How to Protect Your Router Against VPNFilter Malware

On Friday, May 25, 2018 the FBI announced that over 500,000 small office and home routers were infected with VPNFilter malware. It appears a group of Russian hackers has taken control of over half a million routers through the VPNFilter malware. This allows the attackers to collect information, exploit your networking devices, and block network traffic. The FBI went on to recommend that owners reboot their routers and consider disabling remote management on the devices. From there you will want to upgrade the firmware on your device.

Let’s start by taking a look at the router brands and models impacted by the recent VPNFilter malware attack. According to a Cisco Intelligence Talos Group bulletin, the follow routers need to be updated to the latest firmware as soon as possible.

  • Netgear – DGN2200, R6400, R7000, R8000, WNR1000, WNR2000
  • Linksys – E120,, E2500, WRVS4400N
  • MikroTik – 1016, 1036, 1072
  • QNAP – TS251, TS439 Pro
  • TP-Link – R600VPN

The process of upgrading your firmware will depend on your router. You will want to visit the manufacturer’s website for step-by-step instructions. We’ll save you a some time by listing the website for each device manufacturer along with general instructions.

How to Update Firmware on Netgear Routers

You can visit the Netgear firmware page for DGN2200, R6400, R7000, R8000, WNR1000, and WNR2000 routers. The general instructions for updating firmware are as follows:

To check for new firmware and update your router:

  1. Launch a web browser from a computer or WiFi device that is connected to the network.
    Note: We recommend that you use an Ethernet cable to connect your computer to your router to update the firmware.
  2. Enter http://www.routerlogin.net.
  3. Enter the router user name and password.
    Note: The user name is admin, and the default password is password. The user name and password are case-sensitive. If you have forgotten your admin password, please see How do I recover my admin password on my NETGEAR router? to recover the password.
  4. Click ADVANCED > Administration.
  5. Click Firmware Update or Router Update.
    Note: The label varies by router.
  6. Click Check.
    Note: The router looks for new firmware information; if any is available it displays a message asking if you want to download and install it.
  7. Click Yes.

How to Update Firmware on Linksys Routers

There are multiple ways to update firmware on your Linksys device. We’ll focus on the web-based setup so that everyone has a place to start. You can refer to this Linksys support page for more details. In the meantime here’s a quick look at the steps necessary to upgrade your firmware.

  1. The first step is to download the latest firmware for you device. You will want to visit the Linksys router support page and search for your model.
  2. Access the router’s web-based setup page. Not sure how? Visit this page first.
  3. Click on Administration > Firmware Upgrade.
  4. Click Browse
  5. Locate the firmware file you downloads and then click Open.
  6. Click the Start Upgrade button.
  7. Click Continue once it prompts that the upgrade is complete.
  8. Reboot your router by unplugging it for 10 seconds, then plugging it back in.

For the remaining devices please visit the manufacture’s websites as follows to download and install the latest firmware updates.

Remember that the first step is to reboot your router. That will stop the malware but it won’t stop the device from being reinfected in the future. That’s why you need to upgrade to the latest firmware immediately. Keeping your firmware up to date is the best way to avoid future infections.

Protect your online privacy and unblock geographic restrictions with a VPN service. We're here to help you find the best VPN to meet your specific needs.