Router infected with malware
Well, in practice the answer is no. Routers are, I can’t say “never,” but extremely rarely infected with malware.
What more often happens with routers is that your computer will be infected with some kind of malware that then knows how to reach out to your router. If you haven’t changed the default password, the default administration password for your router, the malware on your computer can reach out to your router and reconfigure it.
It doesn’t install any malware, it just reconfigures it:
It may set security settings to “off”;
It may redirect where your DNS is coming from;
It can cause a lot of havoc.
The malware is not on the router, the malware is on one of your computers – and that malware has reconfigured the router so that the router contains bad information.
But it’s not the router itself having been itself infected.
Router software is not common
It is true that routers are, in fact, small computers. Many of them are actually running Linux on the inside (some form of Linux kernel) and they certainly have RAM for all of the things that a router does.
But it’s extremely rare for a router to be infected because all of these different routers are so very different from each other. It’s very difficult for a general purpose piece of malware to be written that would, somehow, manage to insert itself into the router.
It’s much easier for malware authors to target more common platforms, like Windows, and simpler interfaces, like the administration interfaces on most popular routers.
So the thing to be worried about, with your router, is to make sure you have already changed the administration password – so that these types of malware (which absolutely do exist) cannot infect your PC, and cannot, in turn, go out and make changes to your router that you don’t want it to make.
(Transcript lightly edited for readability.)
End of Answercast 81 Back to – Audio Segment