DHS together with FBI recommend that all SOHO router owners ability cycle (reboot) their devices to temporarily disrupt the malware.
Network device administration interfaces—such every bit Telnet, SSH, Winbox, together with HTTP—should last turned off for wide-area network (WAN) interfaces, and, when enabled, secured amongst potent passwords together with encryption. Network devices should last upgraded to the latest available versions of firmware, which oftentimes comprise patches for vulnerabilities. 
Rebooting affected devices volition effort non-persistent portions of the malware to last removed from the system. Network defenders should ensure that first-stage malware is removed from the devices, together with appropriate network-level blocking is inward house prior to rebooting affected devices. This volition ensure that minute phase malware is non downloaded ane time to a greater extent than subsequently reboot.
While the paths at each phase of the malware tin give the sack vary across device platforms, processes running amongst the refer “vpnfilter” are near for sure instances of the minute phase malware. Terminating these processes together with removing associated processes together with persistent files that execute the minute phase malware would probable take this malware from targeted devices.
