BBH Solutions Cybersecurity Advisory – June 2025
The FBI has issued a critical Public Service Announcement warning individuals and businesses about a growing cyber threat: proxy services exploiting end-of-life (EOL) routers. These outdated devices, no longer supported by manufacturers, are being hijacked by cybercriminals to mask illegal activity and launch attacks.
What’s Happening?
Cyber actors are leveraging TheMoon malware, a botnet first identified in 2014, to compromise vulnerable routers. Once infected, these devices are turned into proxy nodes, essentially cloaking the criminals’ identities as they carry out malicious operations like:
- Cryptocurrency theft
- Fraudulent transactions
- Accessing illegal services
TheMoon doesn’t require a password to infect a router. It scans for open ports and exploits known vulnerabilities in outdated firmware, often with remote administration enabled.
Why It Matters
If your organization is still using routers manufactured before 2010, or any device no longer receiving firmware updates, you could unknowingly be part of a criminal proxy network. This not only puts your data at risk but could also implicate your IP address in illegal activity.
BBH Solutions’ Recommendations
To protect your network and reputation, we strongly advise the following:
- Audit your infrastructure: Identify and replace any EOL routers or networking equipment.
- Disable remote administration: Unless absolutely necessary, turn off this feature to reduce exposure.
- Apply firmware updates: Ensure all devices are running the latest security patches.
- Use strong, unique passwords: Avoid reusing credentials and disable password hints.
- Monitor for anomalies: Watch for signs like overheating routers, unexpected reboots, or altered settings.
Final Thoughts
Cybersecurity is not a one-time fix; it’s an ongoing commitment. At BBH Solutions, we help businesses stay ahead of evolving threats with proactive assessments, secure infrastructure design, and managed services.
If you're unsure whether your network is at risk, contact us today for a complimentary security consultation. Let’s make sure your business isn’t an unwitting accomplice in the next cyberattack.