FBI warns of hackers exploiting outdated routers. Check yours now

In this digital age, we are constantly updating our phones, laptops, smartwatches, and security cameras to ensure that they are running the latest firmware and protected from cyber threats. However, one crucial device that often gets overlooked is the router. Many of us assume that if our router is working, then it is fine. But this mindset can be risky, as outdated routers are vulnerable to exploitation by cybercriminals.

The FBI recently issued a warning about the active exploitation of old, unpatched, and outdated routers by cybercriminals. In a public service announcement released in May 2025, the FBI cautioned individuals and organizations that criminals are taking advantage of aging network devices with known flaws to hijack them with malware. These compromised routers are then used to power anonymous cybercrime operations, with the perpetrators remaining hidden behind unsuspecting victims’ IP addresses.

Specific router models manufactured around 2010 or earlier are particularly vulnerable to exploitation, as vendors have long stopped providing firmware updates for them. Some of the models named in the FBI alert include Cisco M10, Cisco Linksys E1500, Linksys E2500, and Cradlepoint E300, among others. These devices have known security vulnerabilities that were never patched, making them easy targets for hackers.

Hackers exploit these routers by scanning for devices with remote administration exposed to the internet. They exploit known firmware flaws to gain access without needing passwords, allowing them to run malicious code on the devices. Malware can then alter settings, open ports, disable security features, and connect to external command-and-control servers, enabling hackers to maintain control and conduct illicit activities anonymously.

To protect your network from router hackers, there are several steps you can take. Firstly, replace your old router if it is no longer supported by the manufacturer. Check for firmware updates regularly and apply them promptly. Turn off remote access to your router, use a strong password for router settings, monitor for any unusual behavior, and report any suspected compromises to the authorities.

Ultimately, the responsibility for securing outdated devices falls on manufacturers, service providers, and users alike. It is crucial to stay vigilant and proactive in keeping your router and network secure from cyber threats. By following best practices and staying informed about potential risks, you can protect yourself and your data from falling into the hands of cybercriminals.