FBI Issues Urgent Warning on Cybersecurity Risks of Outdated Routers

In our fast-paced digital world, we diligently update our phones and laptops. Many of us even ensure that our smartwatches and home security systems run on the latest firmware. However, we often neglect one critical device: the router. If a router appears to work without issue, we may assume it is operating safely. This mindset, however, poses significant risks.

Recently, the FBI released a warning highlighting that cybercriminals are actively targeting outdated, unpatched routers. In an alert issued in May 2025, the FBI detailed how aging network equipment with known vulnerabilities is being compromised by malware, turning these devices into unknowing accomplices in cybercrime. An overlooked router in your home could transform into a tool for malicious actors.

The FBI’s Internet Crime Complaint Center published a public service announcement on May 7, 2025, cautioning individuals and organizations that criminals take advantage of outdated routers that no longer receive essential security updates.

Vulnerability of Older Routers

Routers manufactured around 2010 or earlier remain particularly susceptible to these threats, as manufacturers typically stop providing firmware updates for devices once they reach their end of life. The FBI reports that compromised routers are often hijacked through a variant of the “TheMoon” malware, which allows hackers to install proxy services on these devices and carry out illicit operations anonymously.

Consequently, home and small-office routers are being quietly recruited into proxy networks that effectively conceal the identities of attackers online. Through schemes involving networks such as “5socks” and “Anyproxy,” cybercriminals sell access to infected routers, allowing payers to route their internet traffic through these unsuspecting devices, thereby masking their own location while using the victim’s IP address.

Common Targeted Router Models

The FBI bulletin identifies specific models that frequently fall victim to these attacks. All of the listed devices are approximately a decade old or more and possess known security vulnerabilities that remain unaddressed since support ended. With their firmware updates discontinued, these routers become soft targets for attackers.

Many recent infections have originated from devices with remote administration features exposed to the internet. Cybercriminals actively scan for such routers and exploit existing firmware flaws without needing passwords. A single malicious request may deceive an outdated device into executing harmful code. Once established, the malware can modify device settings to open ports or disable security features, allowing ongoing remote control and connection to external command-and-control servers.

TheMoon Malware: A Growing Threat

A prominent threat in this landscape is TheMoon malware, first identified in 2014 when it exploited vulnerabilities in Linksys routers. Since its emergence, it has evolved into a stealthy botnet creator, converting infected routers into proxy nodes. Rather than executing direct attacks, TheMoon redirects external traffic through compromised residential networks, thus obscuring the identities of hackers. Cybercrime platforms such as Faceless and 5socks facilitate this by marketing access to these infected routers as “residential proxies,” increasing their value in the cyber underworld.

For users, a compromised router can lead to slower internet speeds, exposure to phishing attacks, and potential legal repercussions if crimes are carried out using the victim’s IP address. Businesses face even greater risks, as outdated routers may lead to deeper network intrusions, data theft, and ransomware attacks, potentially resulting in severe consequences for critical sectors.

Proactive Measures to Secure Your Router

Given the serious threats posed by aging and compromised routers, taking proactive measures is essential for safeguarding networks. Here are six practical steps to protect your devices and deter hackers.

1. Replace Unsupported Routers

If your router is over five years old or if you cannot find recent updates for it from the manufacturer, consider upgrading. Older routers typically cease receiving security fixes, rendering them easy targets for hackers. To assess your router’s status, locate the model number on your device and search for its firmware updates online. If the last update dates back several years, it is wise to replace it with a more current model from a reputable brand.

2. Keep Firmware Up to Date

Similar to smartphones and computers, routers require firmware updates. To perform this essential task, open a web browser, enter your router’s IP address—usually something like 192.168.0.1—and log in using the credentials often affixed to a sticker on the router. Once logged in, navigate to the “Firmware Update” or similar section to check for available updates and apply them accordingly. Some newer models also feature user-friendly apps to streamline this process.

3. Disable Remote Access

While remote access enables convenient control of your router from outside your network, it also opens avenues for hackers. By logging into your router settings, find the option for “Remote Management” or similar, and ensure this feature is disabled. Save your changes and restart the device to enhance security.

4. Set a Strong Router Password

Do not leave your router’s login credentials set to default values, such as “admin” or “password.” Cybercriminals routinely exploit such vulnerabilities first. Create a robust password combining letters, numbers, and symbols. For example, consider a password like T#8r2k!sG91xm4vL. Avoid using the same password across different platforms and consider utilizing a password manager for secure storage and management of complex passwords.

5. Monitor for Unusual Network Activity

If you experience unusually slow internet speeds, frequent device disconnections, or excessive buffering during streaming, something may be amiss. Access your router settings and review the list of connected devices. If you identify any unrecognized devices, this could indicate a security breach. In such instances, update the firmware, change your passwords, and restart the device. If you feel uncomfortable performing these actions, contact your internet service provider for assistance.

6. Report Incidents to Authorities

The FBI encourages anyone encountering a suspected compromise to report the incident to the Internet Crime Complaint Center. Doing so can assist law enforcement in tracking and mitigating larger cyber threats.

The Responsibility of Users and Manufacturers

This issue transcends merely urging everyone to upgrade outdated gear. It raises broader questions about accountability for security when outdated devices become potential risks. Most individuals overlook the routers that have quietly operated in the corner of their homes, long past their prime. However, malicious actors see aging technology as ripe for exploitation. The challenge lies not only in technology but also in the responsibilities shared by manufacturers, service providers, and users concerning the lifecycle of aging equipment.

Should manufacturers be held accountable for ensuring that routers remain secure in the face of evolving cyber threats? Share your thoughts with us.

For more expert tech advice and crucial security alerts, consider subscribing to the CyberGuy Report Newsletter for up-to-date information and tips to protect your digital life.