Reboot your internet router now. That's what the FBI is telling the users of some 500,000 devices believed to be infected with powerful Russian malware capable of intelligence-collecting, software monitoring, and disabling routers, according to the New York Times. Network technology company Cisco Systems and antivirus company Symantec first issued a warning on Wednesday about the routers, which the company said have been compromised in a possible effort to lay the groundwork for a cyber-sabotage operation against targets in Ukraine, per the AP. According to ArsTechnica, the so-called VPNFilter malware uses three distinct stages in order to send gathered data back to the dark actors, who've been identified as the Russian government-linked hacker group Fancy Bear. While the first stage can survive rebooting, the second and third reportedly cannot.
Routers from Linksys, Mikrotik, Netgear, QNAP, and TP-Link are reportedly those vulnerable to the malware, but the FBI recommended Friday that any owner of small office and home office routers "reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices." The FBI advised router owners to consider disabling remote management settings on devices and to secure routers with strong passwords and encryption whenever possible. Network devices should also be upgraded to the latest available versions of firmware, the FBI said. The group Fancy Bear reportedly is known by many other names, including Sofacy, APT 28, and Pawn Storm, and is believed to be the party responsible for the 2016 DNC hack. (More Russia stories.)