Skip to main content

Don’t shoot for ‘TheMoon’: New malware takes aim at Linksys routers

If you own a Linksys router, beware: There’s a new strain of malware that’s making its way through the Internet as we speak.

The virus is called “TheMoon,” and it was discovered by some researchers at the Internet Storm Center, which makes its home at the SANS Institute, a private firm that specializes in Internet security. Hackers using the TheMoon can log into your router without actually knowing the router’s credentials. However, your Linksys router is only vulnerable to TheMoon if Remote Management Access is enabled within the hardware’s administrative settings.

Recommended Videos

Possible Linksys routers affected by TheMoon include the following models: E300, E900, E1000, E1200, E1500, E1550, E2000, E2100L, E2500, E3000, E3200, E4200, WAG320N, WAP300N, WES610N, WAP610N, WRT610N, WRT400N, WRT600N, WRT320N, WRT160N, and WRT150N. An exploit writer who goes by the alias “Rew” compiled this list, stating that these routers might be affected and that the list wasn’t necessarily a complete one.

Linksys published an official blog post where they addressed TheMoon, and included a solution on how to safeguard your Linksys router from infection. Here’s what Linksys had to say:

“Linksys is aware of the malware called The Moon that has affected select older Linksys E-series Routers and select older Wireless-N access points and routers. We will be working on the affected products with a firmware fix that is planned to be posted on our website in the coming weeks.”

Linksys recommends that, on top of disabling Remote Management Access in your router’s settings, you should also enable Filter Anonymous Internet Requests, which you can find under the Administration-Security tabs. You should also update your Linksys router’s firmware to the latest version, which you can do by clicking here, and reboot by unplugging and plugging its power cable back in once you’ve completed all the other steps.

What do you think? Sound off in the comments below.

Konrad Krawczyk
Former Computing Editor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
Even Nvidia’s partners don’t believe in the new RTX 4060 Ti
RTX 4060 Ti sitting on a pink background.

Nvidia's RTX 4060 Ti 16GB is reportedly just days away from launch, but rumor has it that there may not be a lot of GPUs to choose from. This isn't a sign of another dreadful GPU shortage, though. It's more that the RTX 4060 Ti has very little chance to rank high among the best graphics cards you can buy.

We've just recently seen the release of the RTX 4060, but Nvidia still has another card up its sleeve -- a clone of the existing RTX 4060 Ti that comes equipped with twice the VRAM. However, due to certain factors, the GPU might be doomed to a life of subpar sales and unsatisfying benchmark results.

Read more
Don’t fall for it — ChatGPT scams are running rampant across social media
Person typing on a computer keyboard.

Malware and scams for ChatGPT continue to become more prevalent as interest in the chatbot developed by OpenAI expands.

There have been a number of instances of bad actors taking advantage of the popularity of ChatGPT since its introduction in November 2022. Many have been using false ChatGPT interfaces to scam unsuspecting mobile users out of money or infect devices with malware. The most recent threat is a mix of both, with hackers targeting Windows and Android users through phishing pages and aiming to steal their private data, which could include credit card and other banking information, according to Bleeping Computer.

Read more
This game lets hackers attack your PC, and you don’t even need to play it
Genshin Impact characters.

Hackers have been abusing the anti-cheat system in a massively popular game, and you don't even need to have it installed on your computer to be affected.

The game in question is called Genshin Impact, and according to a new report, hackers are able to utilize the game's anti-cheat measures in order to disable antivirus programs on the target machine. From there, they're free to conduct ransomware attacks and take control of the device.

Read more