30,000+ End-of-Life Routers Hijacked in Massive Cybercrime Proxy Network – Are You at Risk?
End-of-Life Routers Hacked for Cybercrime Proxy Networks: FBI Warns
Outdated Routers Turned into Cybercrime Tools
The FBI has issued a stark warning: hackers are exploiting end-of-life (EoL) routers—devices no longer receiving security updates—to create proxy networks used in cyberattacks. These compromised routers are being sold on underground platforms like 5Socks and Anyproxy, enabling criminals to mask their identities while conducting illegal activities.
How Are Hackers Exploiting Old Routers?
Cybercriminals are targeting outdated Linksys and Cisco routers, injecting them with malware to turn them into residential proxy botnets. Once infected, these devices route malicious traffic, helping attackers:
- Evade detection during cybercrimes
- Conduct covert espionage (including state-sponsored attacks)
- Steal cryptocurrency and perform cybercrime-for-hire operations
The FBI has identified TheMoon malware as a key tool in these attacks, allowing hackers to remotely control routers and use them as proxies.
Which Router Models Are at Risk?
The FBI advisory highlights the following vulnerable EoL models:
- Linksys: E1200, E2500, E1000, E4200, E1500, E300, E3200, E1550, WRT320N, WRT310N, WRT610N
- Cradlepoint: E100
- Cisco: M10
Signs Your Router May Be Compromised
Watch for these red flags:
- Unusual network slowdowns
- Overheating or performance issues
- Unexpected configuration changes
- Strange admin accounts
- Suspicious outgoing traffic
How to Protect Your Network
The FBI recommends:
- Replace EoL routers with newer, supported models.
- Update firmware from the manufacturer’s official site.
- Disable remote administration to block unauthorized access.
- Change default credentials to strong, unique passwords.
Key Takeaways
✔ EoL routers are prime targets—hackers exploit unpatched vulnerabilities.
✔ Proxy networks like 5Socks and Anyproxy sell access to hacked routers.
✔ TheMoon malware is being used to hijack devices for cybercrime.
✔ Chinese state hackers have used these proxies in espionage campaigns.
✔ Replace outdated routers or apply security best practices immediately.
Summary
Cybercriminals are weaponizing old routers, turning them into proxy botnets to hide illegal activities. The FBI warns that Linksys and Cisco EoL models are especially vulnerable, with TheMoon malware enabling remote control. To stay safe, upgrade outdated routers or secure them with firmware updates and strong passwords.
Stay vigilant—your old router could be a hacker’s next weapon.
(Source: FBI Advisory)
