In recent days, numerous news reports have indicated that a large number of major-brand router devices have a security flaw. ZyXEL Communications Corporation confirmed that some of the router devices compromised by hackers are, in fact, mislabeled with the name of the ZyXEL networking Operating System (ZyNOS), and actually bear no connection with ZyXEL Communications Corp. or its products.
With the company’s advanced expertise in networking development, the ZyXEL networking OS (Operating System) was in the past licensed to some major chipset companies that are also vendors to other CPE manufacturers. The source code of the networking OS was modified according to the various needs of the licensees. Therefore, these products no longer use the original “ZyXEL networking OS,” and as such, the networking OS on the other brands’ router products bears no relation to ZyXEL-branded products.
Network security, not just for our customers but for everyone, is of paramount importance to ZyXEL. As a network safety precaution, ZyXEL reminds users of the following steps to protect their routers:
1. Change the router’s default password.
2. Make sure the device is running the latest-available version of the firmware.
3. Disable web configuration for remote access from the Internet. If remote access is necessary, users should limit the remote IP addresses that can access the router.
According to researchers at Team Cymru's Enterprise Intelligence Services, the hackers are altering the DNS configuration on the routers in order to redirect victims' DNS requests and subsequently replace the intended answers with IP addresses and domains controlled by the attackers.
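Because the altered DNS settings reach LAN clients through the router, one way to spot the change is to compare the resolvers a client has received against the ones the network is supposed to use. The following check is an added example, not code from ZyXEL or Team Cymru; the sample `resolv.conf` text and the `EXPECTED` allowlist are constructed values that use documentation address ranges.

```python
import ipaddress

# Constructed sample: resolver settings a LAN client received from its router.
SAMPLE_RESOLV_CONF = """\
# generated by DHCP client (constructed sample)
search home.example
nameserver 192.168.1.1
nameserver 203.0.113.53
nameserver fe80::1%eth0
options timeout:2
"""

# Assumption: the resolvers this network should use (router LAN address,
# the ISP's resolver range, link-local IPv6 for the router itself).
EXPECTED = ["192.168.1.1/32", "198.51.100.0/28", "fe80::/10"]


def parse_nameservers(text):
    """Return the nameserver entries from resolv.conf-style text, in order."""
    servers = []
    for line in text.splitlines():
        # Drop comments ('#' or ';') before splitting into fields.
        line = line.split("#", 1)[0].split(";", 1)[0].strip()
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers


def unexpected_resolvers(text, expected=EXPECTED):
    """Return nameserver entries that are unparsable or outside the allowlist."""
    nets = [ipaddress.ip_network(n) for n in expected]
    flagged = []
    for server in parse_nameservers(text):
        addr_text = server.split("%", 1)[0]  # strip an IPv6 zone id such as %eth0
        try:
            addr = ipaddress.ip_address(addr_text)
        except ValueError:
            flagged.append(server)  # not an IP address at all: treat as suspect
            continue
        if not any(addr.version == n.version and addr in n for n in nets):
            flagged.append(server)
    return flagged


if __name__ == "__main__":
    for server in unexpected_resolvers(SAMPLE_RESOLV_CONF):
        print(f"unexpected DNS resolver: {server}")
```

A clean result on a client only covers what the router hands out. When the client's resolver is the router's own address, the upstream DNS servers still have to be checked in the router's configuration.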