Skip to Content
© Piotr Adamowicz |
Security & privacy

Time to patch your router! Yours might be open to a critical flaw being exploited

It is not just iPhones and Android devices that need the occasional update. Computers regularly require newer software or operating systems to remain impervious to hackers. Tap or click here for 20 security secrets hackers don’t want you to know.

But sometimes, your router also needs a refresher. Firmware updates can add settings or helpful functions. You can add another reason for updating your router now: To stop cybercriminals from exploiting a flaw found in thousands of routers.

Your home or work router could have this critical flaw that is being used for a huge botnet. Keep reading for a simple fix to this dangerous flaw.

Here’s the backstory

The Mirai botnet has been wreaking havoc on networks for some time, but a new variant has popped up that targets certain routers. The original botnet emerged last year, with its focus on disrupting digital display boards and presentation systems.

It cracked its way through 27 vulnerabilities with exposed Telnet ports and focused its attack on LG’s Supersign TVs and the WePresent WiPG-1000 wireless presentation system.

The new variant has shifted its focus to home routers, and yours could be vulnerable to attack. Security researchers at IoT Inspector discovered that it targets vulnerabilities in the software development kit (SDK) of Realtek devices.

Realtek is one of the most used companies by router makers, as it provides all the semiconductor components that go into several devices. These devices include routers and internal components found in many home-based computers.

It was discovered that as many as 65 companies’ devices could be at risk. This includes plenty of wireless access points, routers and other network equipment.

Once the network has been breached, the botnet seeks out any connected devices. It will attempt to circumvent security and include the network device into the botnet. Large-scale botnets are typically used to launch distributed denial of service (DDOS) attacks.

How to update your router

The process of securing your router will vary depending on the make and model. No two router manufacturers have the same dashboard, but the steps should all be similar.

First, you’ll need to get to your router admin page. This requires the IP address used by your router and the admin password. You can usually find these in the user guide for your router brand, but some sites can help you figure it out if you don’t have this information. Tap or click here for a list of default passwords for 548 router brands.

Once you’ve opened your router’s admin page, find a section called Advanced or Management to look for firmware updates. Download any updates available to bring your system up to date. If there is an option in your router settings that enables automatic updates, make sure to turn it on. 

Keep reading

Free check to see if your router is hackable by criminals

Still using the default Wi-Fi or router password? Change it now

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days