Thursday, January 23, 2025
HomeBotnetD-Link Warns of Botnets Exploiting End-of-Life Routers

D-Link Warns of Botnets Exploiting End-of-Life Routers

Published on

SIEM as a Service

Follow Us on Google News

D-Link warned users of several legacy router models about known vulnerabilities actively exploited by botnets.

These devices, which have reached End-of-Life (EOL) and End-of-Service (EOS), are at heightened risk of being targeted by malware strains known as “Ficora” and “Capsaicin.”

Vulnerable Legacy Routers

The affected devices include the following models:

  • DIR-645 (US/Global)
  • DIR-806 (Non-US)
  • GO-RT-AC750 (Non-US)
  • DIR-845L (Non-US)

These routers, spanning all hardware revisions and firmware versions, are no longer supported.

Their firmware development ceased well before 2024. For instance, DIR-645 reached EOS in 2018, while other international models like DIR-806, GO-RT-AC750, and DIR-845L were discontinued between 2016 and 2018.

Critical Vulnerabilities Exploited

Reports from Fortiguard detail how the malware botnets Ficora and Capsaicin exploit these unsupported routers to carry out malicious activities.

These botnets target outdated firmware, taking advantage of security gaps that no longer receive updates or patches.

Once compromised, these routers can be used for Distributed Denial-of-Service (DDoS) attacks, data theft, or launching further malware campaigns.

D-Link has emphasized that continuing to use EOL/EOS devices presents significant cybersecurity risks. Unsupported devices often lack critical firmware updates and security patches, making them highly susceptible to modern cyberattacks.

D-Link strongly advises users to retire these routers immediately and replace them with newer models that receive regular firmware updates.

For consumers in North America, D-Link suggests the following actions:

  1. Retire and Replace: Replace the affected models with current products that receive firmware updates.
  2. Update Firmware: If immediate replacement isn’t possible, ensure the device runs the latest firmware.
  3. Enhance Security: Change passwords for web configuration access and enable Wi-Fi encryption with strong, unique passwords.
  4. Stay Vigilant: Regularly monitor for firmware updates, though no further updates will be released for EOL routers.

While this advisory primarily targets users in North America, D-Link urges all international users of legacy devices to consult their regional D-Link offices for tailored recommendations.

The company highlights the importance of staying ahead of technological advancements and ensuring equipment aligns with current cybersecurity standards.

D-Link’s decision to classify these models as EOL/EOS aligns with the natural lifecycle of technological products.

As these devices age, they become obsolete due to security measures and advancements in wireless technology. The company stresses the importance of upgrading to newer models to safeguard users against evolving threats.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Critical Vulnerability in Next.js Framework Exposes Websites to Cache Poisoning and XSS Attacks

A new report has put the spotlight on potential security vulnerabilities within the popular...

New Cookie Sandwich Technique Allows Stealing of HttpOnly Cookies

The "Cookie Sandwich Attack" showcases a sophisticated way of exploiting inconsistencies in cookie parsing...

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers...

Microsoft Unveils New Identity Secure Score Recommendations in General Availability

Microsoft has announced the general availability of 11 new Identity Secure Score recommendations in...