TP-Link confirmed that the routers manufactured and sold by the company are not affected by a recent variant of the DDoS malware known as Mirai. It has been reported news outlets such as Ars TechnicaTripwire that Mirai has recently spread and infected networking devices in several European countries. This particular iteration of the malware affects some routers by exploiting a discovered vulnerability in device security. While this hack can interfere with some routers, this does not affect those manufactured and sold by TP-Link.
In order for some ISPs to remotely manage and troubleshoot issued devices, such as routers and modem routers, they use the communication protocols TR-609 and TR-604. If, while the TR-069 and TR-064 communication protocols are running, there exists a particular security weakness in the firmware of some routers, the new Mirai malware reported at this time will exploit this weakness and attack the routers through these communication protocols.
TP-Link wants to assure its customers that networking products manufactured and sold by TP-Link, including DSL routers and Wi-Fi routers, are not susceptible to this particular iteration of Mirai malware.
“At TP-Link, customer security comes first,” said Andy Chen, Director of International Business at TP-Link. “We work diligently to ensure that our products include top-level security, with firmware and hardware that protects customers and their devices from the latest threats.”
Currently, TP-Link has not received any customer feedback regarding the new Mirai malware. For further questions or concerns, please contact TP-Link through the support page on the official website: http://www.tp-link.com/support
TP-Link would also like to remind customers to take the necessary steps to ensure the security of their network. For the security of their networking device, customers should make sure they are using the latest firmware downloaded from the official TP-Link website, (link here).TP-Link is not responsible for routers using third-party firmware. Furthermore, TP-Link urges customers to create a unique username and password for logging into their networking device’s web management UI (learn how to change username and password here)Do not use the default name and password.With these practices, the router and connected devices will be highly secure from outside threats.