Robert Graham, who heads Errata Security and was formerly the chief scientist at Internet Security Systems, said in a tweet that "it (the FBI) advised 126 million households in the US to reboot their routers in order to address a botnet of 500,000 devices located mostly outside the US".
This advice from the FBI is best described as "moronic". It advised 126 million households in the U.S. to reboot their routers in order to address a botnet of 500,000 devices located mostly outside the U.S.https://t.co/qhm96HmLVZ— Robᵉʳᵗ Graham ? (@ErrataRob) 28 May 2018
Since infected routers needed to contact this server to load the functional part of the malware — as the primary C2 server had been taken down — rebooting would ensure that they would only continue to host the first stage.
As iTWire reported, Talos said VPNFilter was likely to be a state-sponsored attack and that it was making its findings public even though they were incomplete, in order that affected parties could take action to defend themselves.
But Graham pooh-poohed the FBI's advice. "Moreover, if your router is actually infected, simply rebooting it means that it'll get reinfected with this or some other bot in a short period of time," he said.
The advice read: "The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices.
"Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware."
Said Graham: "What's notable here is that the hapless FBI is unable or unwilling to do what it takes in order to fix the problem, such as running a script that resets all the routers, or setting up a website that probes your router to see if it's vulnerable."
Router manufacturer Netgear has advised users of its hardware to update their firmware.