This is a multi-part infection, and rebooting gets rid of two of the three components. The only persistent part looks for a specific web address to attempt to re-infect with the other parts after a reboot.
The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices. Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.
Edit: I am not sure if it belongs in networking hardware or in off topic. Please move it if necessary.
I didn’t see it posted so I thought I would post it here for visibility.
To be clear, I don’t think rebooting will actually help you. Apparently, it is just to help them identify infected devices. I don’t know how. Any ideas?
Nice to see Asus not making the list - had been rocking a rt-ac68u before going pfSense and I have nothing but great things to say about it. They have had their bad moves on some features, but they fix it. Then again, maybe it didn’t make the list because it’s simply not as common - just not worth their while.
There is/was some sort of vulnerability with ASUS routers if you have ever used the Android app to control it (or possibly if you have ASUS AI services enabled). It automatically opens ports to the world for hackers to exploit.
Also, I wouldn’t trust what the FBI says. Especially since they claim it’s the same people who allegedly hacked the US election.