Your Old Router Could Be a Security Threat - Here's Why and What to Do
Are you still using a router that's past its prime? If so, you could be opening yourself up to a malicious attack. The FBI is warning that cybercriminals are targeting routers that have reached their end of life and are no longer supported by the manufacturer.
The agency has published an advisory and a PSA (Public Service Announcement) last week, highlighting the threat posed by older routers. Typically dated from 2010 or earlier, these routers have already reached end-of-life, which means the manufacturer no longer sells or supports them. This lack of support results in a critical issue: they no longer receive software updates or security patches, leaving them vulnerable to compromise.
Due to this vulnerability, cybercriminals have been able to exploit security vulnerabilities in the routers and control them via built-in remote administration. They install malware and force the devices to join a botnet. From there, they can manipulate all the compromised devices to launch coordinated attacks or sell access to them to other criminals.
Even if the remote administration is password protected, attackers can bypass the security and gain remote command-line access to the routers. This strain of malware known as TheMoon has been a major culprit in this threat. First discovered on compromised routers in 2014, it has since gone through several campaigns.
TheMoon Malware: A Threat to Your Router's Security
According to the FBI, TheMoon does not require a password to infect routers; it scans for open ports and sends a command to a vulnerable script. The malware contacts the command and control (C2) server, and the C2 server responds with instructions, which may include instructing the infected machine to scan for other vulnerable routers to spread the infection and expand the network.
The FBI has cited 13 routers as particularly vulnerable to this type of attack. If your router is on the list or you're just worried about your old device being vulnerable, it's essential to take action.
What Can You Do to Protect Yourself?
The first and most obvious answer is to dump it and buy a new router. A decent router can be found for under $100, though more capable and advanced ones will cost double or triple that. Whatever your budget, you don't want to risk someone hacking into your router and installing malware.
In the meantime, you can take other measures to enhance your security. If security patches are still available, download and install the latest ones. Next, log into the router's firmware and disable the remote administration feature. Save your changes and then restart the router. Finally, switch your router password to something stronger and more secure.
Buying a New Router: What to Expect
A decent router can be found for under $100, offering reliable Wi-Fi speeds and basic security features. However, if you're looking for more advanced features such as mesh networking or AI-powered security, you'll need to budget double or triple that amount.
Staying Ahead of Security News
Stay ahead of the latest security news with Tech Today, delivered to your inbox every morning. Don't miss out on expert advice and tips on how to protect yourself from online threats.