The FBI Warns Americans To Replace These Wi-Fi Routers
Modern device software and operating systems typically receive firmware updates over time with bug fixes and security patches. But when those devices hit end-of-life (EOL) status, and official support stops, they can get compromised due to becoming more vulnerable as time goes on. When that happens, it's usually a good idea to upgrade your device, like with a series of outdated routers that the FBI has flagged in a flash notice. The agency lists 12 routers, which have reached EOL, that could be compromised through malware injections, leading to a botnet for launching coordinated attacks or to sell access to the routers via proxy services.
Most of the devices are from Linksys, with a single router from Cisco, and from what the FBI has shared in its notice, these routers have been compromised by threat actors. The malware targets remote management software and bypasses administrative passwords to gain shell access. If you are still using one of the affected routers, the FBI recommends replacing it with a newer, factory-supported option. Really, if you still have a 2.4GHz router, you need to upgrade anyway as single-band units can bottleneck your Wi-Fi connection.
How hackers gain access to affected routers
Per the FBI, this exploitation method takes advantage of outdated remote management software installed on older routers. Attackers use known vulnerabilities in the router software to upload malware. In other words, they're taking advantage of security weaknesses that would have likely been patched or fixed in modern hardware. Once connected, the router is used to establish botnets, which are a connected series of compromised devices used to carry out further attacks on other networks or users.
One of the world's largest botnets had compromised over 19 million devices before it was dismantled in 2024. Once infected, the devices communicate via a command and control server, which confirms whether they're still active and available for exploitation. Malware tools can also be used to compromise networks by opening up ports and channeling connections through proxy servers, which can siphon off sensitive data like unencrypted passwords or account details.
In the past, aggressive malware has targeted gaming systems and gained access to the data contained within. Once infected, this malware is difficult to detect, so again, the best answer to the problem is to upgrade your equipment. If you do upgrade, make sure to avoid Consumer Reports' list of cheap routers, as many are not up to par in regards of performance and usability.