Skip to main content

Don’t shoot for ‘TheMoon’: New malware takes aim at Linksys routers

decrypt this the future of router security linkys
Image used with permission by copyright holder

If you own a Linksys router, beware: There’s a new strain of malware that’s making its way through the Internet as we speak.

The virus is called “TheMoon,” and it was discovered by some researchers at the Internet Storm Center, which makes its home at the SANS Institute, a private firm that specializes in Internet security. Hackers using the TheMoon can log into your router without actually knowing the router’s credentials. However, your Linksys router is only vulnerable to TheMoon if Remote Management Access is enabled within the hardware’s administrative settings.

Recommended Videos

Possible Linksys routers affected by TheMoon include the following models: E300, E900, E1000, E1200, E1500, E1550, E2000, E2100L, E2500, E3000, E3200, E4200, WAG320N, WAP300N, WES610N, WAP610N, WRT610N, WRT400N, WRT600N, WRT320N, WRT160N, and WRT150N. An exploit writer who goes by the alias “Rew” compiled this list, stating that these routers might be affected and that the list wasn’t necessarily a complete one.

Linksys published an official blog post where they addressed TheMoon, and included a solution on how to safeguard your Linksys router from infection. Here’s what Linksys had to say:

“Linksys is aware of the malware called The Moon that has affected select older Linksys E-series Routers and select older Wireless-N access points and routers. We will be working on the affected products with a firmware fix that is planned to be posted on our website in the coming weeks.”

Linksys recommends that, on top of disabling Remote Management Access in your router’s settings, you should also enable Filter Anonymous Internet Requests, which you can find under the Administration-Security tabs. You should also update your Linksys router’s firmware to the latest version, which you can do by clicking here, and reboot by unplugging and plugging its power cable back in once you’ve completed all the other steps.

What do you think? Sound off in the comments below.

Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
This game lets hackers attack your PC, and you don’t even need to play it
Genshin Impact characters.

Hackers have been abusing the anti-cheat system in a massively popular game, and you don't even need to have it installed on your computer to be affected.

The game in question is called Genshin Impact, and according to a new report, hackers are able to utilize the game's anti-cheat measures in order to disable antivirus programs on the target machine. From there, they're free to conduct ransomware attacks and take control of the device.

Read more
Don’t fall for this devious new Microsoft Office scam
A package with a fake Microsoft Office USB stick.

With packaging looking legitimate enough at first glance, scammers are sending out fake Microsoft Office USB sticks -- loaded with ransomware -- to individuals.

As reported by Tom’s Hardware and PCMag, the USBs are sent out to randomly selected addresses in the hopes of convincing targets that they inadvertently received a $439 Office Professional Plus package.

Read more
Oh great, new malware lets hackers hijack your Wi-Fi router
The Linksys Hydra 6 dual-band mesh WiFi 6 router.

As if you didn't already have enough to worry about, a new report finds hackers are targeting home Wi-Fi routers to gain access to all your connected devices.

The report comes from Black Lotus Lab, a security division of Lumen Technologies. The report details several observed real-world attacks on small home/home office (SOHO) routers since 2020 when millions of people began working from home at the start of the COVID 19 pandemic.

Read more