All articles tagged with #routers
The FCC has barred the sale of new foreign-made routers in the US, effectively freezing most of the market and risking that devices won’t receive security updates after March 1, 2027. Experts advise delaying new router purchases until the scope of exemptions is clarified; for immediate needs, consider an older budget model and prioritize securing current devices while updates remain possible.
The FCC announced a rule prohibiting new consumer Wi‑Fi routers made outside the US, while existing models may continue to be used or sold and will receive software updates under a waiver; it offers a Conditional Approval exemption process for manufacturers to show how they will shift production to the US, including disclosures about foreign ownership and timelines. The move aims to strengthen cybersecurity and trusted supply chains and could affect vendors like TP-Link, Netgear, and Asus, though exemptions may limit immediate impact.
The Trump administration announced a ban on importing newly manufactured routers from foreign companies, citing national security risks tied to supply-chain vulnerabilities and potential threats from foreign-made equipment.
The FCC announced a rule banning approval of new consumer-grade routers manufactured outside the United States, effectively blocking imports of foreign-made models unless they obtain Conditional Approval that often requires commitments to establish or expand U.S. manufacturing. Existing foreign routers can still be used and sold, but future options could be limited as major brands may shift production domestically. The move, framed as national security-oriented, is expected to face legal challenges and its practical security benefits are debated.
The FCC designated consumer routers manufactured outside the US as a security risk, placing all new foreign-made router models on a Covered List. Existing US-based brands with overseas manufacturing are affected, but already-sold routers can still be used and updated through at least March 1, 2027. Conditional approvals may be granted if companies commit to moving some manufacturing to the US. Legal challenges are likely, and shoppers shouldn’t expect new router models on shelves until the policy is clarified.
The FCC updated its equipment-authorization rules to prohibit the sale of any new consumer Wi‑Fi routers manufactured outside the United States, citing national-security concerns and supply-chain vulnerabilities; existing routers remain usable, and vendors can seek exemptions from DHS or the Pentagon with a plan to move manufacturing to the U.S.
Security researchers uncovered KadNap, a new malware targeting Asus routers and other edge devices that forms a decentralized, Kademlia DHT–based proxy botnet with over 14,000 infected hosts (majority in the U.S.). It uses a shell script downloaded from a C2 at 212.104.141.140 to install persistence, fetch a kad ELF, and join a peer-to-peer network that hides C2 traffic and feeds a Doppelgänger proxy service; the operators tier targets, close SSH (port 22), and collect host time and uptime to build peer hashes for network coordination. The same report also details ClipXDaemon, a memory-only Linux clipboard hijacker that replaces copied cryptocurrency wallet addresses in real time for multiple coins, with no C2 or beaconing and designed to avoid Wayland sessions.
Researchers call AirSnitch a cross‑layer Wi‑Fi attack that undermines client isolation at Layers 1–2, enabling bidirectional man‑in‑the‑middle traffic across guest networks, home, and enterprise setups. The technique can intercept and alter traffic, steal cookies and credentials, and DNS data, potentially even when HTTPS is used. It affects a wide range of devices from major vendors and may require hardware changes; some updates exist, but the recommended defenses include VPNs and moving toward zero‑trust networking. In practice, users should be cautious on unknown public APs and consider tethering via mobile data or trusted VPNs until fixes are widely deployed.
The FBI cautions that end-of-life home routers from the late 2000s to early 2010s—especially certain Linksys models—are vulnerable to malware and can be hijacked to form botnets because they no longer receive security updates. Attacks exploit exposed remote management features, and because the malware runs in the router’s operating system rather than on a PC, detections are difficult; if your router is no longer updated, replace it with a newer model to reduce risk.
The FBI has issued a warning against 13 specific older router models, mainly from Linksys/Cisco, that are vulnerable to malware called TheMoon, which can be exploited to control devices and hide malicious activity. Users with these models should consider replacing them, especially if they haven't received updates, to avoid security risks.
A cyberattack last year disabled over 600,000 internet routers across several Midwest states, with new research identifying the malware as "Chalubo." The attack targeted ActionTec routers, and the affected ISP is believed to be Windstream. The incident was not disclosed at the time, and the exact method of the attack remains unclear. Black Lotus Labs recommends securing management devices and avoiding basic security weaknesses.
Wi-Fi 7 is the latest wireless standard offering incredibly fast connections, currently available in the US, UK, Australia, Japan, and Mexico, with a projected 2.1 billion devices by 2028. The new technology introduces 320MHz channels, Multi-Link Operation, deterministic latency, and 4K QAM, but requires a compatible router, with prices ranging from $300 to over $1,000. While offering impressive performance, the cost of entry and limited availability in some countries are factors to consider.
The FBI warns of a new cyberthreat from China targeting home internet routers, with hackers exploiting older models from Cisco and NetGear to install malware and potentially launch cyberattacks on critical U.S. infrastructure. FBI Director Christopher Wray emphasized the risk posed to American citizens and communities, urging regular router updates and disabling remote access to protect against these attacks. Additionally, Chinese hackers have been found exploiting remote login technology, prompting federal agencies to disconnect and install patches to prevent further intrusions.
OpenWrt, the open source firmware, is celebrating its 20th anniversary and is proposing a "fully upstream supported hardware design" to ensure future-proof router hardware without the need for "binary blobs." The proposed "OpenWrt One" board aims to be affordable, with publicly available schematics and code, but will not be produced or sold by OpenWrt. The group is looking to Banana Pi makers for distribution, with proceeds going to the Software Freedom Conservancy. The proposed design has sparked questions and discussions among community members, with some expressing interest in features like ethernet ports and PoE support.
Google has removed the Google Wifi and Nest Wifi routers from its store, possibly in anticipation of a new model. Last year, Google introduced the Nest Wifi Pro with Wi-Fi 6E connectivity and Matter support, and it's speculated that a new Nest Wifi model codenamed "Brezza" may be on the horizon. While the older hardware is still available at other retailers, stock is expected to deplete in the coming weeks.