Cybercriminal Services Target End-of-Life Routers, FBI Warns

Summary:
The FBI is warning people that hackers are going after old Wi-Fi routers that aren’t getting updates anymore. These outdated routers are easy to break into because they have known problems that haven’t been fixed. Once the hackers get in, they install malware that lets them use the routers to hide their real location while doing illegal stuff online. Some of these hacked routers are even being rented out to other cybercriminals using shady services like 5Socks and Anyproxy.

The bad guys can control the routers from far away and make them check in every few minutes to stay connected. Even if the router has a password, they can still break in if remote access is turned on. Some of the routers being targeted include:

  • Linksys E100, E1000, E1200, E1500, E1550, E2500, E300, E3200, E4200
  • WRT310N, WRT320N, WRT610N
  • Cisco M10

The malware also opens up the routers so they can be used as “proxies,” which means they hide where the hacker is really coming from.

Security Officer Comments:
This is a big deal because a lot of people forget about older devices once they’re set up and working. Hackers know this and use it to their advantage. These old routers might seem harmless, but once they’re hacked, they can be turned into tools for even bigger cyberattacks. Even countries like China have been caught using old routers like this to hide their hacking activities. If people don’t update or replace their old tech, they might be helping criminals without even knowing it.

Suggested Corrections:

  • Replace old routers: If your router is on the list or doesn't get updates anymore, it’s time to get a new one.
  • Turn off remote access: This stops hackers from being able to control the router over the internet.
  • Restart the router: If your router might be infected, rebooting it can help stop the malware.
  • Keep things updated: Make sure your devices get the latest security updates.
  • Watch for weird activity: Keep an eye on your network—if something strange is happening (like a lot of data going out), it could be a sign something’s wrong.

Link(s):
https://securityaffairs.com/177648/cyber-crime/malware-targets-end-of-life-routers.html

https://www.ic3.gov/CSA/2025/250507.pdf

Contact Us for Threat Assistance Back to Current Threats

Just Starting?



Contact LACyber for More Info



Current Active Cyber Threats