Upgrading the router's firmware and changing the password will also help secure your device. There's often a small pinhole button on the underside or back of the router that performs a factory reset if you press it with a pin or the end of a paperclip.
Clearly, it's a sophisticated piece of tech; the Federal Bureau of Investigation attributes the malware to "foreign cyber actors" and The New York Times reports that it's of Russian origin, with the Justice Department linking it to the Sofacy Group.
That's because at least 500,000 routers and other devices worldwide have been infected by sophisticated malware that likely comes from Russian state-sponsored hackers, as Cisco Talos labs disclosed last week. Turning the router on and off temporarily disrupts the malware and erases parts of it, though the router can be reinfected.
But there's a simple solution: turn it off, and turn it on again.
A similar malware compromised half-million internet-connected routers in the Ukraine.
Your internet router might be spying on you.
Specifically targeted in the attack are are Linksys, MikoTik, NETGEAR and TP-Link routers and QNAP network-attached storage devised. The agency also suggests owners disable remote management settings and set up strong passwords.
The Justice Department has linked the malware to a cyber espionage group that's been called Sofacy, APT 28 or fancy bear by researchers in the cybersecurity industry.
While these steps will remove the VPNFilter infection and protect you from current known threats, they are not going to protect you forever.