FBI Warns of New TheMoon Malware Variant Targeting End-of-Life Routers
The FBI has issued a Public Service Announcement warning users about a new variant of the TheMoon malware. This malware has recently resurfaced, targeting end-of-life (EOL) routers that no longer receive security patches or manufacturer support. Criminals exploit these outdated devices to install proxies, enabling them to mask their identities and conduct illegal activities online.
What is TheMoon Malware?
TheMoon has been around since at least 2014, originally spreading via vulnerabilities in routers. This latest variant installs proxy modules on compromised devices, creating a network of infected endpoints that cybercriminals can use to carry out attacks anonymously.
When a router or device is marked as “end-of-life,” it means the manufacturer has stopped providing firmware updates, leaving it vulnerable to exploits like TheMoon.
Why End-of-Life Devices Are a Critical Threat
End-of-life devices represent a major cybersecurity risk. Once a product reaches EOL, it’s no longer updated or patched for new vulnerabilities. Attackers actively scan the internet for such outdated hardware, knowing they are easy targets. Routers, firewalls, proxies, and load balancers are especially vulnerable since they operate at the edge of networks.
The Importance of Regular Updates and Upgrades
Keeping your IT infrastructure updated is one of the most important defenses against cyber threats. This includes:
- Firmware updates for routers and network appliances
- Software upgrades for applications and operating systems
- Patch management to close newly discovered security holes
- Periodic audits to identify outdated or unsupported assets
Updates don’t just improve security — they also enhance performance, fix bugs, and add new features that keep your systems running efficiently and safely.
RELIANOID’s Commitment to Security and Continuous Improvement
At RELIANOID, we have always emphasized the importance of updates and upgrades across our full product range. Our solutions are built with security, reliability, and performance in mind — but they must be kept up to date to ensure continued protection against evolving threats like TheMoon.
We actively remind our users of version changes and new security features through:
- Release announcements
- Knowledge Base articles
- Direct notifications and partner communications
RELIANOID EE Version 6 Reaching End of Life in June
We want to remind all users that RELIANOID Enterprise Edition (EE) version 6 will officially reach End of Life by June. This means it will no longer receive updates, security patches, or technical support. If you’re still running version 6, we strongly urge you to upgrade to version 8 or newer immediately.
What’s New in RELIANOID EE Version 8+
Version 8 of RELIANOID EE includes significant improvements over version 6, such as:
- High-performance proxy engine optimized for modern workloads
- Support for HTTP/2 and advanced TLS configurations
- Hot restart functionality — apply changes without dropping connections
- Enhanced monitoring and telemetry integrations
- Better UI/UX for admin management
These enhancements don’t just make systems faster — they help prevent cyber threats and boost overall resilience.
How to Identify Infected Routers and Protect Your Network
The FBI recommends the following best practices to detect and protect against malware like TheMoon:
- Replace all EOL routers and devices immediately
- Check router logs and bandwidth usage for abnormal activity
- Block suspicious IP addresses, especially outbound proxy connections
- Use endpoint protection and real-time monitoring solutions
- Reset devices to factory settings and reconfigure securely
How RELIANOID Can Help
Our RELIANOID ADC and proxy solutions are designed to protect and optimize your IT infrastructure. Whether you’re a cloud provider, telecom operator, or enterprise customer, we offer secure, scalable tools that help you stay one step ahead of evolving threats.
By upgrading to RELIANOID EE version 8 or newer, you’ll gain access to our latest security features, performance enhancements, and continued support from our technical team.
Take Action Now
The discovery of this new TheMoon malware variant is a wake-up call. Don’t wait for an incident to review your infrastructure. Replace all end-of-life equipment, upgrade your systems, and partner with trusted vendors like RELIANOID who put security and performance at the center of their solutions.
Act today to upgrade from RELIANOID EE v6 to version 8+ and secure your network against tomorrow’s threats.
For guidance on upgrading or questions about our support lifecycle, visit our Support Portal or contact your RELIANOID account manager.
Stay secure. Stay updated. Stay RELIANOID.
Related Blogs
