FBI released a FLASH alert outlining various routers that Americans should steer clear of.
Recently, the FBI has identified 18 additional popular router models that have been targeted in a malware campaign in a FLASH alert dated March 12, 2026. These routers were exploited by malicious actors and incorporated into a network of compromised devices utilized for nefarious activities. The affected devices were marketed as residential proxies, which criminals leverage to conceal their identities and locations while committing cybercrimes. The alert states that approximately 1,200 device models, encompassing routers and Internet of Things (IOT) devices from different manufacturers, were compromised. Nevertheless, 18 routers and two security cameras were highlighted as the most commonly breached models.
The selected models comprise three routers from D-Link (the DIR-818LW, DIR-850L, and DIR-860L), two models from Netgear (the DGN2200v4 and AC1900 R7000), four from TP-Link (the Archer C20, TL-WR840N, TL-WR849N, and WR841N), and nine from Zyxel, identified by the following model numbers: EMG6726-B10A, PMG5617GA, VMG1312-B10D, VMG1312-T20B, VMG3925-B10A, VMG3925-B10C, VMG4825-B10A, VMG4927-B50A, and VMG8825-T50K.