Your Wi-Fi router may be the least glamorous gadget in your home. It sits on a shelf, blinks in the corner and only gets attention when Netflix freezes. However, that little box controls a lot more than you may think.
The FBI and Justice Department say a Russian military intelligence hacking group abused vulnerable small office and home office routers to help run an espionage operation. The group is known as APT28, Fancy Bear and Forest Blizzard. It has been linked to Russia’s GRU military intelligence agency.
The hackers changed router settings so internet requests could flow through servers they controlled. That gave them a way to watch for valuable targets, redirect traffic and steal sensitive login information. The Justice Department and FBI say they disrupted the U.S. portion of the network in April. That is good news. Still, law enforcement cannot walk into your house, update your router or change the password printed on an old sticker. That part is on you.
Sign up for my FREE CyberGuy Report
FBI WARNS OF HACKERS EXPLOITING OUTDATED ROUTERS. CHECK YOURS NOW
This attack focused on SOHO routers. That stands for small office and home office routers. In other words, these are the kinds of devices used by small businesses, remote workers and some homes. The Justice Department says the hackers used weaknesses in older routers to change DNS settings.
DNS is like the address book for the internet. When you type a website name, DNS helps your device find the right online destination. If hackers control that address book, they can send certain requests through their own servers. That can let them spot valuable targets and try to steal passwords, authentication tokens, emails or browsing data.
That to me is scary because the victim may not see anything obvious. Your laptop may still connect. Your phone may still browse. Your router may still look normal. Meanwhile, the traffic can be quietly routed through a bad path.
Routers age like any other device. The problem is that many people keep them for years after the manufacturer stops supporting them. That can leave known security holes sitting open.
Many people also never change the router’s admin username and password. That admin login is different from your Wi-Fi password. It controls the router itself. If that login still uses a default password, a hacker has a much easier path inside.
Think of it this way. You may have strong passwords on your bank account, email and phone. But if your router is outdated and poorly protected, your network still has a soft spot.
DON’T USE YOUR HOME WI-FI BEFORE FIXING CERTAIN SECURITY RISKS
The FBI specifically referred to the TP-Link WR841N in its warning. The UK National Cyber Security Centre also listed other TP-Link models targeted by APT28. The agency says the list may not be complete.
Here are the routers named in the advisory:
If you see your model on this list, take it seriously. Many of these routers are older. Some may no longer get normal security support. We reached out to TP-Link for comments, but did not hear back before our deadline.
A spokesperson from TP-Link Systems Inc. told CyberGuy the company is aware of recent public reporting involving legacy consumer routers, including TP-Link models listed in those reports. The company said the referenced legacy router models reached End of Service and Life status several years ago.
“While these products are outside our standard maintenance lifecycle, TP-Link has developed security updates for select legacy models where technically feasible,” the spokesperson said.
The spokesperson also urged customers using legacy or end-of-service devices to upgrade to currently supported hardware that receives regular security updates.
“As immediate precautions, users should update to the latest available firmware, disable remote management, and restrict device access to trusted internal networks only,” the spokesperson said.
TP-Link added that the security of its customers is its highest priority and said detailed mitigation guidance, along with a list of identified affected legacy products, is available on its official security advisory page.
Most people do not think about their router until the Wi-Fi drops. But your router sits between your devices and the internet. That gives it a powerful position in your home or small business. If a hacker changes the router’s settings, every connected device can feel the impact. That includes your laptop, smartphone, tablet, smart TV and work computer.
This is especially important if you work from home. A weak router can create a risk for your personal accounts and your workplace accounts. The good news is that you do not need to be a cybersecurity expert to lower the risk. You just need to stop treating your router like a forgotten appliance.
ETHERNET VS WI-FI SECURITY COMPARISON REVEALS SURPRISING RESULTS FOR HOME USERS SEEKING PROTECTION
The good news is that a few simple router checks can reduce your risk and help keep hackers from quietly changing how your internet traffic moves.
Look at the label on your router. You can usually find the model number on the bottom or back of the device. If it matches one of the listed models, check the manufacturer’s support page for firmware updates. If the device is no longer supported, replace it. Do not keep an end-of-life router because it “still works.” A router can still provide Wi-Fi while leaving your network exposed.
Firmware is the software that runs your router. Updates often fix security problems. Open your router’s app or log in to its admin page. Look for a firmware update section. Turn on automatic updates if your router offers that option. If it does not, set a reminder to check for updates regularly.
Your router has an admin login. This is separate from your Wi-Fi network password. Change the default admin username and password. Use a long, unique password that you do not use anywhere else. A password manager can help you create and store a strong router password so you do not have to remember it. Also, change your Wi-Fi password if you have shared it widely or kept it for years. Check out the best expert-reviewed password managers of 2026 at Cyberguy.com
Most people do not need to manage a home router from outside the house. Remote management can give attackers another way to reach your router. Log in to your router settings and turn it off unless you truly need it. The wording may vary by brand. Look for “remote management,” “remote access” or “WAN access.”
A reboot will not fix every router problem. However, security agencies often recommend restarting routers as part of basic home network hygiene. Unplug your router, wait about 30 seconds and plug it back in. This can help clear some temporary malicious activity. Still, it does not replace updates, stronger passwords or replacing an outdated device.
Do not click through browser warnings that say a site certificate is invalid or unsafe. Those warnings can appear when something is interfering with a secure connection. In this kind of attack, that warning could be a major red flag. Close the page instead. Then check the site by typing the address yourself on a trusted network.
If you handle work files or sensitive accounts from home, use your company-approved VPN. A VPN can help protect traffic when you connect to workplace systems. It can also reduce exposure when you use networks you do not fully control. Still, a VPN isn’t a free pass to ignore router updates. You need safer habits and safer hardware. For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android & iOS devices at Cyberguy.com
Strong antivirus software can help protect your devices if a bad link, a fake login page or a malicious download reaches you. It will not fix a vulnerable router, but it can add another layer of protection for your computer and phone. Look for security software that can detect malware, warn you about phishing sites and help block suspicious activity before it causes damage. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com
If hackers steal your login details, the damage can spread beyond your Wi-Fi network. Identity theft protection can help monitor for signs that your personal information is being misused. It may alert you to suspicious activity involving your credit, accounts or personal data so you can act faster. See my tips and best picks on Best Identity Theft Protection at Cyberguy.com
A data removal service can help reduce the amount of personal information about you that is available online. That is important because scammers often combine stolen logins with exposed details from data broker sites. Removing your information from those sites can make it harder for criminals to build a fuller profile of you or your family. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com
If your router no longer receives security updates, replace it. That may feel annoying. I get it. Nobody gets excited about buying a router the way they might get excited about a new phone. But your router protects everything connected to it. Spending money on a supported device can be cheaper than cleaning up stolen passwords later.
This router warning should make every home and small business owner pause for a minute. The scariest part is how ordinary the target is. We are talking about routers that may be sitting in homes, home offices and small businesses right now. The FBI and its partners disrupted part of the Russian operation. However, that does not magically secure old routers still sitting on shelves. So check your model. Update the firmware. Change the admin password. Turn off remote management. Replace the router if it no longer gets updates. Your router may be boring. But if it gets hijacked, it can become one of the most important security problems in your home.
Would you know how old your router is right now, or is it one of those devices you have not touched since the day it was installed? Let us know by writing to us at Cyberguy.com
Sign up for my FREE CyberGuy Report
Copyright 2026 CyberGuy.com. All rights reserved.
Source – https://www.foxnews.com/tech/fbi-says-russian-hackers-hijacked-old-wi-fi-routers
