In general, people don't give much thought to the router to which the computers, cell phones, tablets and consoles are connected via cable or WiFi: it's connected, the devices are connected to it, and that's it. But that's a mistake, because if the default settings remain unchanged, hackers have an easy time of it.
Router: A popular target for hackers
Of course, it's a great thing for hackers to have direct access to a computer, but they are usually protected against malicious programs by antivirus software. It is often easier to install malware directly on the router instead, as it cannot be scanned with a standard antivirus program. Malware on the router often remains undetected for a long time.
How malware ends up on the router
There are two options for this, with the first option in particular often being the biggest weak point:
- Penetration through the default password
This option is shockingly simple: With many routers, neither the standard name for the WLAN nor the admin password is changed, so it is often easy to tell from the outside which router it is. This admin password (not to be confused with the WiFi password) is necessary to access the router settings.
Many router brands use the same admin password for their models. With special apps that recognize the router brand and have saved the default admin passwords, it is a piece of cake to access the routers from outside and install malware on them.
Some manufacturers are aware of the problem, which is why newer routers are equipped with a random admin password, but older routers where the password has never been changed are still vulnerable to this hacker attack.
- Exploitation of vulnerabilities
Router manufacturers regularly release patches and new firmware versions, as this software often has security holes that can be exploited by hackers. Unfortunately, many users are not aware that the router software needs to be updated just like programs on the PC.
That's why you should regularly check the firmware for patches in the router menu. Such security gaps should not be underestimated, for example the Mēris botnet unpatched security gaps in MikroTik routers.
Which malware commonly infects routers
Famous malware families are Mirai and Mēris. Mirai infects not only routers, but also IP cameras, smart TVs and other IoT devices, including corporate devices such as wireless controllers and digital advertising displays. Mēris is Latvian for “plague” and that’s what this malware is: it has been used to attack many financial and IT companies in recent years; The number of infected routers is so large that over 20 million requests per second are possible.
What malware can do to the router
Building a botnet
Routers that have been hijacked by malware are often used to create a botnet. Botnets are used to bring down websites. For example, if hackers want to attack a site, they use a botnet, i.e. a network of tens of thousands of computers created by malware that simultaneously access the site to be attacked.
This then causes users with an infected router to suddenly experience very slow Internet access. No wonder, because their router, together with thousands of other computers, is currently accessing the same page dozens of times in order to block it, i.e. a so-called DDoS attack (Distributed Denial of Service) is being carried out.
Data theft
Of course, this is particularly damaging to users: all data passes through the router to which the devices are connected, so everything can be intercepted by malware: from the security pin of the banking software to passwords to all correspondence.
Fake websites
Malware in the router can also direct you to fake websites. Normally, when you enter a URL, a DNS server is accessed, which has stored all registered IP addresses and the corresponding URLs. The malware then redirects such requests to a different DNS server, so that you constantly end up on fake sites that, for example, steal your passwords and credit card details.
How you can protect your router from malware
It's not that difficult to protect your router from malware if you keep the following points in mind:
- Check the manufacturer's website at least once a month for the latest router firmware updates. Most routers update themselves automatically, but sometimes you have to push updates manually.
- Create a long, strong administrator password for your router.
- Check the router's instructions (often found on the manufacturer's website) and see how you can disable remote access to the router's management settings.
- The WiFi password should also be long and secure so that hackers cannot gain access to the router this way.
- Set up guest access on the router for guests, friends and neighbors who want to use your WiFi. These always only have limited rights, so that malware cannot accidentally or maliciously land on the router.
Article image: Unsplash
Source: Kaspersky
Also interesting:
Chatting, learning, playing, surfing, reading or watching videos – almost all children use the Internet at home and on the go. In the digital world they are exposed to many dangers.
– Help children surf safely
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

