Skip to Content
© Dragonimages | Dreamstime.com
Security & privacy

Millions of routers from Netgear, Linksys, D-Link and more at risk of malware attack

Routers are one of the most important pieces of tech in our lives that most people never think about. If there is a problem with the router, it can leave your whole system vulnerable to malware or attack from hackers.

Now, a new malware attack is targeting millions of popular routers. Security researchers discovered malware called BotenaGo, and it packs a mighty punch. Tap or click here to see how a fake smart TV remote is hiding malware.

If you have any of the routers on the list, you must take steps to minimize the risk of attack. Read on for critical steps to protect your router.

Here’s the backstory

BotenaGo malware has been designed to exploit as many as 33 vulnerabilities spanning different router brands and IoT devices.

The malware works by creating a backdoor on the router and patiently waits to attack. It lurks in the dark back alley, and when a device wants to move through the alley using port 19412, it strikes. BotenaGo then piggybacks on the device to infiltrate networks and steal personal information.

If your router or IoT devices get infected with BotenaGo, criminals could use them in botnet attacks against websites or as delivery systems for spam emails. And cybercriminals behind the malware could change the payload and use BotenaGo for other nefarious purposes in the future.

The affected routers include:

  • DrayTek Vigor2960
  • D-Link DIR-645 Wired/Wireless Router
  • Netgear WN604, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660
  • Netgear R6250 and DGN2200
  • GPON home routers
  • Linksys X3000
  • D-Link DIR-610
  • Comtrend VR-3033
  • Tenda AC15 AC1900
  • ZTE F460 and F660

In a blog post, AT&T’s Alien Labs explained that BotenaGo is only one part of a much larger “malware suite” and is just a module in the infection of machines.

How to protect your router from malware

The best defense that you have against this malware attack is to make sure that your router is updated with the latest firmware. You should also ensure your device’s operating systems and apps are updated.

The process of securing your router will vary depending on the make and model. No two router manufacturers have the same dashboard, but the steps should all be similar.

The first thing to do is log into the main administrator page. This requires the IP address used by your router and the admin password. You can usually find these in the user guide for your router brand, but some sites can help you figure it out if you don’t have this information. Tap or click here for a list of default passwords for 548 router brands.

Once you have entered the username and password, you will be shown the main dashboard. Here, look for an option called Advanced or Management. To update the router, look for Firmware Update, System Update, or Downloads.

Clicking on it will automatically download the latest firmware update. After the router restarts, you should be good to go. If there is an option for it, set your router to automatically download new firmware versions as they become available.

The next critical step to take is to have trustworthy antivirus software on all of your devices. We recommend our sponsor, TotalAV.

With TotalAV, you get so much more than antivirus protection. It’s the full package: A security suite that protects your computer and smartphone from today’s threats. Get the Best Security Suite for 2021 and save big at TotalAV.com/Kim. That’s just $19 for an entire year of protection.

Keep reading

A popular phone scam is back as a convincing text from a ‘friend’

Robinhood breach exposes millions of names and email addresses – Take these steps

Refer friends, earn rewards!

Why not share your source of digital lifestyle news, tips and advice with others? When your friends and family subscribe to Kim's free newsletters, you earn points toward awesome rewards!

Get rewarded