Home / Technology / FBI Rescues US Routers from Russian Spies
FBI Rescues US Routers from Russian Spies
1 May
Summary
- Russian spies exploited vulnerable TP-Link routers.
- FBI operation hardened routers, removing Russian access.
- Old routers pose security risks and need replacement.
US internet service providers, like Spectrum, are notifying customers about security threats posed by older TP-Link routers. Russian state-sponsored hackers have been exploiting a vulnerability, CVE-2023-50224, to tamper with these devices and redirect internet traffic to malicious sites for credential theft.
To combat this, the FBI conducted a court-authorized operation to harden compromised routers across the United States. This operation removed Russian access and cut off the exploit vector, effectively applying an FBI-imposed patch.
However, routers over five years old are generally considered a security risk. TP-Link has noted that affected models have reached their end-of-life status and are no longer receiving standard maintenance or security updates, making them susceptible to future vulnerabilities.
While the FBI's patch offers some protection, it can be reversed through factory resets. Experts strongly recommend replacing end-of-life routers with newer, supported models that receive regular security updates to ensure ongoing protection.
In parallel, the US government is addressing future risks. The White House and FCC have banned the sale of new foreign-made Wi-Fi routers, with a policy change set for March 1, 2027, potentially blocking software updates for existing foreign-made routers, though clarifications and deadline extensions are expected.
