Hackers are attacking your home WiFi router with malware

The FBI and Cybersecurity & Infrastructure Security Agency are now warning about widespread campaigns that have targeted Americans working at home and in small offices since 2020.

It’s been over 2 years since the number of Americans working remotely and changing careers increased significantly. More than ever, people are relying on their internet at home, whether for work or to stay in touch with family. But using WiFi without the backup security and protection of an office’s network does pose some risks.

 

Malware attack on home WiFi networks

 

ZuoRAT malware hack

According to Lumen, researchers in their lab have tracked this malware back almost two years. It’s a multistage remote access trojan (RAT), a type of malware that hackers use to remotely control the device they infect.

The malware is designed to hack into SOHO (small office and home office) routers. It can also affect macOS, Windows, and Linux. The malware allows hackers to collect your data and hijack any sites you visit while on your network. The ZuoRAT malware can also download files and run commands while on your network.

Routers from manufacturers NETGEAR, Cisco, ASUS, and DrayTek, among others, have been infected. Data has shown the IP addresses linked to the exploit are in China and Hong Kong. One of the most dangerous factors is that once your router is infected, it can infect other routers to continue spreading the hackers’ access.

Currently, this ZuoRAT campaign has affected at least 80 targets.

 

Why this malware is dangerous

Larger offices and companies typically require users to be on a VPN or, at the very least, a secure internet network. Home offices and households using WiFi for general day-to-day activities are more at risk because a home network comes with less security than a larger office or company may require for its network.

 

How to protect your network

Be sure to follow these steps to help secure your home/office WiFi network so your router is protected.

 

Enable encryption

WPA2 and WPA3 (Wi-Fi Protected Access) are now the standard encryption protocols. If your network is using WEP (Wired Equivalent Privacy) security, it is outdated. New routers should automatically come with WPA2 or WPA3 encryption, but you may have to enable it to be sure your router is secure.

Your wireless network manual will show you how to enable this on your particular network. Be sure to do so, so that your WiFi requires a password.

 

Update your WiFi password often

When you first set up a new router, it will come with a pre-set WiFi router name and password. Be sure to change these as soon as you set it up, and use a strong password. Always make sure your network requires a password to log in.

It’s also important to change this information regularly. This makes it harder for anyone to hack into your network.

Use these Best Password Managers to help create and store your passwords.

 

Update firmware and software

As with computers and phones, it’s essential to keep your router's software up to date to help protect against security threats. Always run the latest version. Some routers call this software firmware, so make sure to keep that updated.

 

Install a strong antivirus program

One of the most common ways for hackers to gain access to any of your devices is by sending an infected email or document or tricking a user into clicking a link that ends up downloading this malware.

Avoid all of this by installing antivirus software that will detect any potential threat before it is able to take over your device or router.

Since this specific malware can affect Windows and Macs, use an antivirus program like our #1 pick TotalAV (limited time deal for CyberGuy readers: $19 your first year, 80% off), which offers real-time protection on all types of devices. Read more about our picks for Best Antivirus Protection.

 

Top 5 secure router picks

If you’re in the market for a new router, click here for a list of my Top 5 routers, which are recommended not only for their security features but also for their compatibility with VPN service providers (which will keep your activity private) such as our top pick, ExpressVPN.

 
