D-Link users beware: Hackers are looking for end-of-life models to exploit

News
By published

A new vulnerability is targeting older models that won't receive patches

Wi-Fi router plugged in on a side table at home
(Image credit: Excitel)

VulnCheck cybersecurity researchers have found a new exploit that targets older, end-of-life D-Link routers in order to hijack them. Routers are often vulnerable to attacks because they are often not properly secured, are used when they are outdated and don’t receive frequent firmware updates.

In this instance, the software on the older D-Link routers cannot properly sanitize user input, which allows hackers to send specifically crafted requests to the router without needing any authentication. This means that attackers can inject and execute arbitrary shell commands remotely and hijack the hardware itself.

As it’s related to DNSCharger, the vulnerability is thought to be related to attacks in 2016 and 2019 called GhostDNS attacks, which targeted firmware variants of DSL gateway models. Those attacks mostly occurred in Brazil and affected multiple vendors, including D-Link. They were intended to commit data theft against the targets.

How to keep your router secure

A person trying to set up a new Wi-Fi router

(Image credit: Shutterstock)

If you own an outdated router, you should replace it right away with one of the best Wi-Fi routers, as it will receive software updates and patches from the manufacturer. Security aside, you're getting a significantly worse online experience when you use an outdated router, including slow internet speeds and difficulties handling multiple connected devices.

You should always apply all available security patches and firmware updates to your router as soon as possible. You should also make sure that you're using a strong and unique password with at least 16 characters. To make things easier, you should use one of the best password managers to generate and securely store it. Additionally, you can disable remote administration and reboot the device.

It’s also a good idea to make sure that you’re using one of the best antivirus software programs – these offer additional features like a VPN that can protect you when you’re online. If you suspect that your router has been compromised, you can contact the FBI’s IC3 (Internet Crime Complaint Center) at ic3.gov to file a complaint.

If you want the latest Wi-Fi, one of the best Wi-Fi 7 routers will provide you with the best experience possible. However, if you don't mind not having access to the faster 6GHz band, one of the best Wi-Fi 6 routers will still be a major upgrade.

Google News

Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.

More from Tom's Guide

Amber Bouman
Amber Bouman
Senior Editor Security

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps. 

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.