The FBI has issued a nationwide alert warning that cybercriminals are exploiting outdated routers—especially models over a decade old—to power massive proxy networks that hide criminal activity. If you’re still using a router from 2010 or earlier, your network could be compromised without you even knowing.

In a public bulletin published May 7, the FBI’s Internet Crime Complaint Center (IC3) revealed that criminals are deploying a malware strain called TheMoon to quietly hijack outdated routers and use them as anonymous proxy points. Once infected, your home internet connection could be rerouted to help criminals disguise their location, conduct scams, and potentially even commit fraud—while the crimes appear to be coming from your IP address.

The affected routers include:

• Cisco Linksys E1500, E1550, E1000, E1200, E2500, E3200, E4200
• Linksys WRT310N, WRT320N, WRT610N
• Cradlepoint E100, E300
• Cisco M10

These routers are no longer supported by manufacturers, meaning no more security patches—making them ripe targets for exploitation. Worse, cybercriminals have been selling access to them through underground platforms like “5socks” and “Faceless,” turning home networks into anonymous gateways for illegal activity.

Here’s how it works:

Hackers scan the internet for routers with remote administration turned on. They exploit long-known firmware bugs—no passwords needed. Once inside, they install malware that opens ports, disables defenses, and connects your router to their global botnet. From there, bad actors use your connection to mask their identity online. You could end up blamed for actions you never committed.

A hacked router can lead to:

• Slower internet
• Unexpected charges
• Increased exposure to phishing and spyware
• Legal headaches if your IP is tied to a cyberattack

The FBI emphasized that the risk is serious not only for individuals but also for small businesses and critical infrastructure that may still be relying on unsupported hardware.

Here’s how to protect yourself right now:

1. Check your router model — If it’s on the FBI’s list or you haven’t received a firmware update in years, it’s time to replace it.
2. Turn off remote access — Disable “Remote Management” or “WAN Access” in your router settings.
3. Update your firmware — Access your router dashboard and install the latest security patch, if available.
4. Change your default password — Most routers come with “admin” as the default login. Change it to something strong and unique.
5. Watch for strange activity — If your network is slow or unfamiliar devices are connected, investigate immediately.
6. Report suspicious activity — The FBI asks victims or concerned users to file a report with the Internet Crime Complaint Center (IC3).

According to the FBI, it’s not just individuals who bear responsibility here. Manufacturers and service providers must do more to alert customers when products are no longer safe to use. But until then, it’s up to users to stay informed and vigilant.

The bottom line: Your router may seem like a set-it-and-forget-it device, but ignoring its age and software status can expose your home or business to serious cybersecurity threats.

Check your router. Update it—or replace it. And share this with anyone who still uses their “perfectly fine” old gear. In 2025, “fine” might not be good enough.