If Your Router Was Reset To Factory Defaults, You Need To Replace It NOW

Fun fact. Or maybe it’s not so fun. The Russians have been exploiting security vulnerabilities in home and small office routers for years. In the process, the Russians can use these routers to execute attacks at will. Thus the FBI and NSA took the really unusual step of getting a court order to find and remotely reset these routers to kick the Russians out of them. Though there’s a catch to that, which I will get to in a moment. From CNET:

Federal agencies, including the FBI and NSA, disclosed on April 7 that a unit of Russia’s military intelligence directorate, the GRU group known as APT28 or Fancy Bear, has been systematically compromising home and small office routers since at least 2024, using the access to intercept credentials, authentication tokens and sensitive communications. The agency took the unusual step of remotely resetting thousands of affected US devices under a court order, but officials are warning that without action from individual router owners, the problem is far from solved.

Here’s the catch. The routers in question also aren’t getting security updates. So it is entirely likely that the Russians can simply come back and set up shop again if you leave the router in operation. Thus if your router gets reset remotely, it needs to be replaced. Immediately. As in now. Today.

If you’re wondering which routers are targeted, CNET can help you with that:

The UK’s National Cyber Security Centre includes a number of TP-Link routers specifically targeted by the hackers.

But I would not consider that list to be complete. Which is why you should replace your router if it was factory reset remotely. Consider this a today problem.
