AVG Signal Blog Privacy Hackers What Is Router Hacking and How to Prevent It

Written by Ivan Belcic
Published on February 18, 2021

What is router hacking, exactly?

Router hacking is when a cybercriminal takes control of your router without your consent. Like other types of hacking, Wi-Fi hacking relies on the cybercriminal overcoming your security measures — typically your router’s admin password or an unpatched vulnerability. Hackers have many tricks for pulling off a successful router hack.

This article contains :

    If you haven’t set a strong router password, a hacker can get inside your router in minutes. Once they’ve gained control, the hacker can change your router settings, access your internet data, or even install malware on your router. These are all signature signs that you’ve been hit by a black-hat hacker, as opposed to their more altruistic white-hat cousins.

    How router hacking works

    Depending on the router you have and how well you’ve secured it, aspiring Wi-Fi hackers can try one of several attack methods to breach your router security.

    icon_01Using the default login credentials: This is the easiest way to hack someone’s router. If you’ve never changed your router’s admin password, anyone can simply log in with that information. Router hackers know the standard passwords for the most popular routers, and they’ll happily try these out on your Wi-Fi network.

    icon_02Exploiting a firmware vulnerability: Firmware is the name for built-in software that tells a hardware device, such as your router, how it should work. Software vulnerabilities are security flaws that hackers can exploit in their attacks. If your router’s firmware has a vulnerability, a router hacker can leverage it to access your router’s administrative settings. Regularly check your router manufacturer’s website for firmware updates, and install any that you find.

    icon_03Cracking your password: Changing your router password might not be enough to keep a hacker out. By trying one password after another, hackers can keep guessing until they land on your password. The simpler your password, the easier this becomes — so always create strong and unique passwords for all your devices and accounts.

    Still wondering if a router can be hacked? Given enough time and resources, any device can be hacked. That’s why effective internet security means making the hack as difficult and time-consuming as possible.

    Why would anyone want to hack my router?

    Even if you don’t think there’s anything worth stealing on your computer, a Wi-Fi hacker might disagree. Data theft is just one of many reasons why someone might want to compromise your Wi-Fi connection. Someone with access to your router can:

    • Eavesdrop on you: Since your router handles all the internet traffic on your network, a router hacker can see what you’re doing — which websites and services you’re using, when you’re using them, and more. This extends to any device on your Wi-Fi network.

    • Monitor HTTP connections: When you connect to a website that isn’t using HTTPS encryption, that connection is wide open. A hacker in your router can see anything you do on these websites, including personal data you send or receive. With a packet sniffer, a hacker can monitor all the internet traffic on your network and even capture the data for their own use.

    • Interfere with HTTP connections: Hackers can inject malicious code into unsecured HTTP connections (common on unsafe websites) to infect the devices on your network or force them to mine cryptocurrency.

    • Install router malware: Hacking a router may be the first step in a more advanced attack. After hacking into your router, the hacker can place malware on it — like the packet sniffer we just talked about — and continue their cyberattacks.

    • Detect and attack devices on your network: A router hacker can use your router as a staging ground to hack into other devices connected to your network. Any device that connects to your router could be at risk.

    • Redirect your internet traffic: Your router’s DNS settings direct your internet traffic to the right places. By changing your DNS settings, a router hacker can redirect your traffic at the DNS level anywhere they want — usually to malicious websites they control, and which they can use to scam you with pharming attacks or download malware onto your device.

    • Use your internet connection: A hacker inside your network can piggyback on your internet connection for free, chewing through your bandwidth and slowing down your internet speeds. They may even use your Wi-Fi to access or share illegal content under your name.

    • Add your router to a botnet: Botnets are massive networks of hacked devices controlled by a cybercriminal. Hackers often use botnets in large-scale cyberattacks that overwhelm targets with data to shut them down.

      These distributed denial of service (DDoS) attacks require huge botnets to pull off, but the consequences can be disastrous. Botnets are also used to send spam or scan the internet for other vulnerable routers. Some of the most famous hackers in the world target everyday computer users to create large-scale botnets.

    There’s plenty of mischief a hacker could get into when they’ve hacked your router.

    There are lots of threats to your Wi-Fi network if your router gets hacked.Hackers can do a lot if they gain access to your router.

    Has my router been hacked? Common signs

    Now that you know why someone might hack your router, what does a router hack look like? These router hacking signs can alert you to the danger before it’s too late.

    • Altered DNS settings: As mentioned above, one of the most common reasons people hack routers is to change the DNS settings. By doing this, a hacker can redirect your internet traffic without you realizing it, setting up a potentially devastating pharming attack — this is what DNS hijacking is. Your router’s DNS settings are available in its admin menu. 

    • Admin password not working: A router hacker might have gotten in and changed your admin credentials. In this case, factory-reset your router immediately, then set a new password.

    • Slow internet: Slow internet doesn’t always indicate a Wi-Fi hack, but it can. If your internet suddenly is way slower than it used to be — and you’re noticing other common signs of router hacking — it may be due to a hacker ripping through your bandwidth.

    • Strange software or malware on your devices: Along with placing it directly on your router, a router hacker can also download malware onto your computer or phone. Router hacking isn’t the only way to spread malware, but in concert with other symptoms listed here, malware can indicate a router hack.

      Always protect your devices by using the best security software from reputable brands.

    • Bonus tip — look out for unrecognized devices on your network: AVG AntiVirus FREE can detect when unfamiliar devices join your Wi-Fi network. You’ll see a warning when this happens, because if it does, it might mean that someone has found your Wi-Fi password.

      While this doesn’t indicate router hacking yet, someone with access to your Wi-Fi network can later hack your router. That’s why it’s so important to monitor your home network with trustworthy security software.

    AVG AntiVirus FREE is a full-featured cybersecurity tool that keeps you and your devices safer online. Scan and block malicious software with 24/7 real-time detection, remove malware from your PC, protect valuable files against ransomware, defend against phishing attacks, and keep router hackers off your Wi-Fi network.

    What to do with a hacked router

    Do you think your router might be hacked? Here’s the good news: In most cases, you can fix it pretty easily. Here’s how to fix a hacked router and remove router malware in six quick steps.

    1. Disconnect your router from the internet and other devices

    Quarantine that router STAT! Unplug the internet cable and disconnect any other cables running between your router and other devices. But leave your router plugged in, because it needs a power supply to be fixed.

    2. Perform a factory reset

    With your router cut off from the internet, hit it with a factory reset. This goes beyond the common off/on toggle you’ll do when your internet cuts out. A factory reset removes all your configurations and returns your router settings to a like-new state. Some types of router malware, like VPNFilter, will also be removed after a factory reset.

    For specific instructions on how to reset your router, check your user manual. Many routers have a small recessed reset button that you’ll need to press with a paperclip.

    3. Log in and change your admin password

    After a factory reset, you can log into your router with its default administrative credentials. You’ll find these on the router itself or in your user manual. After logging in, change the admin password immediately to something long, unique, and complex. This way, your router hacker won’t be able to get in again if they try your old password.

    4. Create a new SSID and password for your Wi-Fi network

    The SSID (service set identifier) is the name of your Wi-Fi network. Your router may include its brand name in the default SSID, which is a big help to a would-be router hacker. Knowing the type of router you have may make it easier for someone to hack it.

    Set a new SSID instead, and make it long and complex. WPA encryption, which your router uses to protect your password, includes the SSID in the encryption algorithm. Due to how this encryption works, shorter or more common network names can be easier to crack with a rainbow table or other aid.

    Apply these rules to your password as well — long, complex, and unique is always best. Create a password that contains at least 15 to 20 characters. You can’t go wrong with a longer password.

    5. Create a guest network (if you want)

    Guest networks are separate networks on your router that grant internet access to devices you don’t want connecting to your primary network. They’re great for when you have, well, guests coming over, as you never know who’s got a malware infection on their phone. 

    Isolate unfamiliar devices on your guest network to prevent them from communicating directly with (and possibly infecting) your own stuff.

    Guest networks are also ideal for less-secure smart devices, which often have weaker protections than computers and phones. You’ll find your guest network options in your router settings.

    6. Update the firmware on your router

    If your router doesn’t automatically update its firmware — and many don’t — you’ll have to DIY. Head to your router manufacturer’s website and look for their “downloads” section. Here, you should find a selection of router firmware. 

    Download and install the latest firmware for your router to repair any firmware vulnerabilities and prevent hackers from exploiting them.

    You can also find your router’s firmware settings by logging into your admin menu, but you may get inaccurate guidance there. Some routers will tell you their firmware is updated, when it’s actually too old.

    If you can’t update your firmware to a more secure version, get a new router instead — preferably from another manufacturer who isn’t going to expose you to hackers.

    How to prevent router hacking

    It takes just a few easy changes to your digital lifestyle to avoid most router hacks. And it’s way simpler to prevent router hacking than it is to deal with the consequences of getting hacked.

    Find out how to block Wi-Fi hackers with these helpful tips for greater router protection:

    Create a new admin username and password for your router

    As soon as you get a new router, set a new admin password. Hackers know the default passwords for all the popular routers, and they could try them out on yours. If you’ve bought your router secondhand, keep its former users out by updating the password. And if you can, change the admin username as well.

    Follow strong password creation practices to prevent anyone from guessing your password. A long password of at least 15 to 20 characters is very tough to crack.

    Create a brand-new password for your router, too — don’t reuse one from another account. Some router vulnerabilities can leak your password, and you don’t want a hacker to get the keys to your financial, email, or social media accounts.

    Disable remote access settings

    Can you think of a reason why you’d need to log into your router’s admin settings when you aren’t physically next to it? If not, there’s no reason to leave this window open to others. Check that remote access is deactivated so that you can log into your router only with a good, old-fashioned Ethernet cable or via your Wi-Fi network.

    Monitor your Wi-Fi network with a cybersecurity tool

    Monitoring your Wi-Fi will help you know if and when any unfamiliar devices have accessed your network — a possible indication of a router hack. AVG AntiVirus FREE includes a built-in Network Inspector that scans your network for unrecognized devices and known vulnerabilities, such as weak Wi-Fi passwords or signs of DNS hijacking.

    Using the Network Inspector in AVG AntiVirus FREE to scan and protect a wireless networkAVG AntiVirus FREE scans your network for vulnerabilities that could expose you to hacking.

    With AVG AntiVirus FREE guarding your Wi-Fi network, you’ll be the first to know when someone’s hacked your router. It’s just one of the many ways AVG AntiVirus FREE keeps you safe online, defending you not only against hackers but malware, phishing, and all sorts of other threats.

    Opt for WPA3 support

    WPA3 is the latest iteration of the Wi-Fi Protected Access security protocol, which secures your Wi-Fi network with AES encryption — incidentally, that’s the same high-level encryption we use for our AVG Secure VPN. Older routers won’t have WPA3, but they’ll likely have WPA2. It’s the previous version, but it’s still good.

    And remember, again, always create a strong and unique password when configuring your WPA3 or WPA2 settings.

    Ditch WPS

    WPA3 and its predecessor WPA2 are reliably secure — depending on your password, of course — but we can’t say the same for WPS (Wi-Fi Protected Setup). By letting you connect a device by pressing a button or entering a PIN, WPS is certainly convenient, but it’s far from secure.

    It’ll take a hacker way less time to brute-force a short PIN than to crack your strong and unique password. And if you have a WPS button, that means anyone who’s near your router can connect to it in seconds.

    If your router allows for it, turn off WPS entirely and protect your router with a WPA3 or WPA2 password instead.

    Change your router’s network name (SSID)

    Leaving the default SSID (the name of your Wi-Fi network) in place is a boon for a would-be router hacker, as it lets them know which type of router you have. Instead, as soon as you’ve finished changing your router’s login credentials, set a new SSID as well. Longer and more complex names are better, because they also enhance your WPA security.

    And of course, create a long and unique network password. Shoot for a password that’s at least 15 to 20 characters long. The longer your password is, the harder it is to crack.

    Update your router (and its firmware)

    If you’re using an older router that doesn’t support WPA2 at a minimum, you should upgrade. Older equipment is more vulnerable to hacking, and you’ll be safer with a more current router model. If you buy a secondhand router, change your admin password, SSID, and network password ASAP.

    The same goes for your router’s firmware. Periodically check your router manufacturer’s website to see whether a firmware update is available. If so, update it. This can prevent hackers from exploiting vulnerabilities in older firmware versions. Updating your router is also a great way to boost a weak Wi-Fi signal at home.

    Set up a router firewall

    A firewall is an internet blockade that isolates your network from unwanted traffic. With a simple router firewall, only connections requested by your devices are allowed to pass through your router. Many routers already come with a built-in firewall, so all you need to do is enable it within your router’s admin settings.

    With your router firewall activated, your network will be protected from unwanted — and potentially malicious — internet traffic.

    Defend your network with AVG Antivirus

    The best way to secure your Wi-Fi network and keep router hackers out is with a world-class network security tool. AVG AntiVirus FREE defends your computer and phone against malware, phishing, and more — and it’ll also monitor your network for any suspicious activity that may happen if your router gets hacked. 

    If a hacker has installed any malware on your devices, AVG AntiVirus FREE will detect and remove it immediately. And thanks to the built-in Network Inspector, you’ll always know if anything strange is happening on your network.

    Secure your router with AVG AntiVirus

    Free install

    Secure your router with AVG Mobile Security

    Free install
    Ivan Belcic