We have mastered updates to our phones and laptops. Some of us even make sure our smartwatches and security cameras are running the latest firmware. But routers are often ignored. We think this is good if it works, but this mentality can be risky.
Now, the FBI has issued a warning that cybercriminals are actively exploiting old, uncatched and outdated routers. The alert, released in May 2025, explains how aging network devices with known defects can be hijacked through malware and used to power anonymous cybercrime operations. The forgotten devices in your home can be silently a tool for attackers.
Join the free “Cyberguy Report”: Get my expert technical tips, critical security alerts and exclusive deals, and instant access to my Free “Ultimate Scam Survival Guide” When you register!
router (Kurt “Cyberguy” Knutsson)
FBI Alert
The FBI’s Internet Crime Complaints Center published Public Service Announcement, May 7, 2025warning individuals and organizations that criminals are taking advantage of outdated routers that no longer receive security patches.
Equipment produced before 2010 or earlier is particularly vulnerable as suppliers have long stopped providing them with firmware updates. According to the FBI, this end-of-life router has been violated by network participants using a variant of the “Themoon” malware, allowing attackers to install proxy services on devices and conduct illegal activities anonymously.
Essentially, home and small office routers are quietly summoned into proxy networks that mask the perpetrator’s online identity. The alert states that through networks such as “5socks” and “Anyproxy”, criminals have been selling access to infected routers as proxy nodes. In these schemes, payment customers can route internet traffic through uninformed victim routers, covering up their location while the victim’s device (and IP address), which is the person in charge.
router (Kurt “Cyberguy” Knutsson)
FBI warns of new ransomware scams against sensitive data
Which routers are affected?
The FBI announcement even calls specific router models frequent targets, including:
- Cisco M10
- Cisco Linksys E1500
- Cisco Linksys E1550
- Cisco Linksys WRT610N
- Cisco Linksys E1000
- Cradlepoint E100
- Cradlepoint E300
- Linksys E1200
- Linksys E2500
- Linksys E3200
- Linksys WRT320N
- Linksys E4200
- Linksys WRT310N
All of these devices are about a decade or older and have known security vulnerabilities that, once ended, have never been patched. As their firmware updates are long-term discontinued, any stationary targets that are still in use are soft targets for the attacker.
What exactly is a data breach? Why should I care?
How hackers leverage these routers
Many recent infections stem from remotely managed devices accessing the internet. Attackers scan for such routers, exploiting known firmware flaws without passwords. A single crafted web request can cause older devices to spoof running malicious code. Once inside, the malware will usually change settings, turn on the port, or disable security features to maintain controls and connect to external command and control servers.
A well-known threat is Themoon, a malware that first appeared in 2014, which exploited flaws in Linksys routers. Since then, it has evolved into an invisible botnet builder that turns infected routers into proxy nodes. Instead of launching direct attacks, they re-arranged third-party traffic and covered the hacker’s identity behind daily home networks. Cybercrime platforms such as Faceless and 5socks sell access to these infected routers as “residential agents”, making them a valuable asset in digital underground.
For users, a trade-off router means slow connections, exposure to phishing and spyware, and potentially legal troubles if criminals abuse their IP addresses. For enterprises, the risk is higher: outdated routers can be leveraged for deeper network intrusions, data thefts, and ransomware attacks. In critical sectors, the consequences can seriously affect security and compliance.
How to delete your personal information from people search websites
A woman working on a laptop (Kurt “Cyberguy” Knutsson)
200 million social media records leaked in major X data breach
Six ways to protect router hackers
Given the serious threat of router obsoleteness and compromise, taking positive measures is essential. Here are six practical steps you can follow to protect your network and put hackers in trouble.
1) If the old router is no longer supported, please replace the old router: If your router is over five to seven years old, or you can’t find any latest updates on the manufacturer’s website, it may be time to upgrade. Older routers often stop getting security fixes, which makes them easy targets for hackers. To check, check the tags on your router for model number and search online for “[model number] Firmware update. “If the last update was a few years ago, consider replacing it with a newer model from a trusted brand.
If you are not sure which router to get, check out my list Top-notch routers for best security. It includes models with powerful security features and VPN Service.
2) Keep the router’s firmware updated: Your router runs a software called firmware, which needs to be updated like a phone or computer. To do this, open the web browser and type the router’s IP address (usually 192.168.0.1 or 192.168.1.1), and log in with your username and password (usually found on the sticker on the router). After indoors, look for a section called “Firmware Update”, “System”, or “Management” and check if it is available. If there is one. Some newer routers also have applications that make it easier.
3) Turn off remote access: Remote access allows you to control your router from outside your home network, but it also opens doors for hackers. You can turn off this issue by logging in to the router’s settings (using the same steps as above) and then finding settings called Remote Management, Remote Access, or WAN Access. Make sure this feature is disabled, then save the changes and restart the router.
4) Use a strong password for the router: Do not use the default login router to leave the router, such as “admin” and “password”. This is the first thing a hacker tries to do. Change it to a long and strong password and mix letters, numbers and symbols. A good example is t#8r2k! sg91xm4vl. Try to avoid using the same password used elsewhere. You can usually change the login password in the Admin or Security section of your router settings. Consider using a password manager to generate and store complex passwords. Get more details about me Best Expert Review Password Manager in 2025.
5) Look for strange behaviors and act quickly: If your internet feels unusually slow, your device is disconnected or streaming buffers more randomly than usual, which can mean some problems. Go to router settings and check the list of connected devices. If you see something you don’t recognize, it can be a sign of a violation. In this case, update the firmware, change the password and restart the router. If you are unwilling to do so yourself, please call your internet provider for help.
6) Report to the authorities: FBI asks victims or people who suspect compromise to report the incident Internet Crime Complaint Centerwhich can help authorities track and mitigate wider threats.
Subscribe to Kurt’s YouTube channel for quick video tips on how to use all your tech devices
Kurt’s key points
This is not just about upgrading old equipment. When outdated equipment becomes a security risk, it is a bigger question about who is actually responsible. Most people don’t think twice before walking, sit on the router around the corner, quietly completing their work at their peak. But the attacker does. They think that forgotten hardware is a simple goal. The real challenge is not only technical. It’s about how manufacturers, service providers and users deal with the long tail of aging technologies that still exist in the real world.
Should manufacturers be responsible for routers ensuring that they are preventing cyber threats? Let’s write to us cyberguy.com/contact.
For more technical tips and security alerts for me, please subscribe to my free online reporting newsletter cyberguy.com/newsletter.
Ask Kurt a question or let us know what stories you want us to cover.
Follow Kurt on his social channels:
Answers to the most popular web guess questions:
New things from Kurt:
Copyright 2025 CyberGuy.com. all rights reserved.
