D-Link issued a warning to users of certain legacy router models that are vulnerable to known exploits by botnets. These devices, which have reached End-of-Life (EOL) and End-of-Service (EOS) status, are currently being targeted by malware strains known as “Ficora” and “Capsaicin”.
The affected legacy routers include models like DIR-645 (US/Global), DIR-806 (Non-US), GO-RT-AC750 (Non-US), and DIR-845L (Non-US). These routers, spanning all hardware revisions and firmware versions, are no longer supported by D-Link. Their firmware development ceased before 2024, with some models reaching end of service as early as 2016.
According to reports from Fortiguard.com and Techzine.eu, the malware botnets Ficora and Capsaicin are actively exploiting these unsupported routers. They target outdated firmware, taking advantage of security vulnerabilities that no longer receive updates or patches. Once compromised, these routers can be used for malicious activities like Distributed Denial-of-Service (DDoS) attacks, data theft, or launching further malware campaigns.
D-Link has stressed the importance of discontinuing the use of EOL/EOS devices due to the significant cybersecurity risks they pose. Unsupported devices lack critical firmware updates and security patches, making them highly susceptible to modern cyberattacks. The company strongly recommends users to retire these routers immediately and replace them with newer models that receive regular firmware updates.
For users in North America, D-Link suggests taking the following actions:
1. Retire and Replace: Replace the affected models with current products that receive firmware updates.
2. Update Firmware: If immediate replacement isn’t possible, ensure the device runs the latest firmware.
3. Enhance Security: Change passwords for web configuration access and enable Wi-Fi encryption with strong, unique passwords.
4. Stay Vigilant: Regularly monitor for firmware updates, though no further updates will be released for EOL routers.
While the advisory primarily targets North American users, D-Link advises all international users of legacy devices to reach out to their regional D-Link offices for tailored recommendations. The company underscores the importance of keeping pace with technological advancements and ensuring that equipment aligns with current cybersecurity standards.
D-Link’s decision to classify these models as EOL/EOS reflects the natural lifecycle of technological products. As devices age, they become outdated due to security measures and improvements in wireless technology. The company emphasizes the necessity of upgrading to newer models to protect users against evolving threats.
In conclusion, D-Link’s warning to users of legacy routers serves as a crucial reminder of the cybersecurity risks associated with using EOL/EOS devices. Users are urged to follow the recommended actions to safeguard their networks and data from potential cyber threats.