Researchers from SANS Institute’s Internet Storm Center (ISC) issued an alert Feb 12 about incidents where Linksys routers had been compromised and were being used to infect other Linksys routers. The malware can only infect the router if Remote Management Access is turned on.
The following router models are at risk of infection: E4200, E3200, E3000, E2500, E2100L, E2000, E1550, E1500, E1200, E1000, E900, E300, WAG320N, WAP300N, WAP610N, WES610N, WET610N, WRT610N, WRT600N, WRT400N, WRT320N, WRT160N and WRT150N. These models are sold at common electronics retailers and are typically used by home and small offices.
If you have one of these models, you should upgrade your router firmware and also make sure that Remote Management is turned off.
If you need assistance securing your router or your network, please contact us at firstname.lastname@example.org.