The FBI is recommending power cycling Wi-Fi routers as a step to counter "foreign cyber actors" seeding malware known as "VPNFilter."

The malicious code can "perform multiple functions, including possible information collection, device exploitation, and blocking network traffic," according to the FBI's Internet Crime Complaint Center. It can potentially render routers inoperable, and is hard to detect due to use of encryption and "misattributable networks."

Rebooting a router won't kill the malware, but will temporarily disrupt it and may help identify affected hardware, the IC3 said. As a further precaution people may want to disable remote management, use original secure passwords, and make sure they've updated to the latest firmware.

Security firm Symantec indicates that activity suggests the target was originally Ukraine, and specifically industrial control systems. The malware "does not appear to be scanning and indiscriminately attempting to infect every vulnerable device globally," Symantec said.

Affected routers and NAS (network-attached storage) devices are known to include:

Linksys E1200

Linksys E2500

Linksys WRVS4400N

Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072

Netgear DGN2200

Netgear R6400

Netgear R7000

Netgear R8000

Netgear WNR1000

Netgear WNR2000

QNAP TS251

QNAP TS439 Pro

Other QNAP NAS devices running QTS software

TP-Link R600VPN

The Justice Department has identified the perpetrators as the "Sofacy Group," which goes by several other names and allegedly targets "government, military, security organizations, and other targets of perceived intelligence value." In trying to defeat VPNFilter, the U.S. has seized a domain associated with a Sofacy botnet.

At present, it does not appear that the AirPort family is affected.