GoKawiilThe FBI and NSA jointly announced that Russia has been systematically compromising the security of home and small office routers since at least 2024.
They obtained a court order to allow them to remotely reset thousands of affected devices in the US, but if yours is one of them, it needs to be urgently replaced …
CNET reports.
Federal agencies, including the FBI and NSA, disclosed on April 7 that a unit of Russia’s military intelligence directorate, the GRU group known as APT28 or Fancy Bear, has been systematically compromising home and small office routers since at least 2024, using the access to intercept credentials, authentication tokens and sensitive communications. The agency took the unusual step of remotely resetting thousands of affected US devices under a court order, but officials are warning that without action from individual router owners, the problem is far from solved.
However, the agencies say that the affected routers are no longer receiving security updates and should be replaced.
The good news is that the average 9to5Mac reader is unlikely to be using one of the affected routers as they are so old. The specific model referenced by the FBI was originally launched in 2007, although the UK’s National Cyber Security Centre says that other TP-Link models were targeted. These include:
TP-Link TL-WR841N
TP-Link LTE Wireless N Router MR6400
TP-Link Wireless Dual Band Gigabit Router Archer C5
TP-Link Wireless Dual Band Gigabit Router Archer C7
... continue reading