Badged versions of TP-Link routers are supplied to US customers by more than 300 ISPs, making them the most widely used Wi-Fi routers in the country, found in millions of US homes.
It therefore caused grave concern when security researchers at Microsoft found that a hacking group based in China was using vulnerabilities in the devices to carry out cyber attacks in the US. It had been widely expected that the routers would be banned from sale in the US, but politics seemingly intervened. However, the battle is not yet over …
The TP-Link router security alert
TP-Link routers account for some 65% of the US market. Many people won’t even be aware that they have one in their home because badged versions generally carry ISP branding.
Security researchers found that they were being used by a hacking entity based in China. It was speculated that the entity was operating on behalf of the Chinese government.
An analysis from Microsoft published in October found that a Chinese hacking entity maintains a large network of compromised network devices mostly comprising thousands of TP-Link routers. The network has been used by numerous Chinese actors to launch cyberattacks. These actors have gone after Western targets including think tanks, government organizations, nongovernment organizations and Defense Department suppliers.
It was also suggested at the time that the devices were being sold at a loss specifically to get them into US homes.
After three separate investigations were opened at the Departments of Commerce, Defense, and Justice, it was widely expected that the devices would be banned from sale in the US. However, the White House reportedly shelved this plan ahead of a summit between Trump and China’s Xi Jinping.
Texas continues the fight
While the federal government may be taking no action at this time, Texas is continuing the fight, as Engadget reports.
Texas is suing Wi-Fi router maker TP-Link for deceptively marketing the security of its products and allowing Chinese hacking groups to access Americans’ devices, Attorney General Ken Paxton has announced. Paxton originally started looking into TP-Link in October 2025. Texas Governor Greg Abbott later prohibited state employees from using TP-Link products in January of this year.
TP-Link denies the claims, stating that the company is now US-owned and its products are assembled in Vietnam. However, Texas argues that because components are made in China, the suppliers have to comply with requests from Chinese intelligence agencies to install firmware which enables access by the government.
9to5Mac’s Take
Personally, I would not use a TP-Link router. Even if one is supplied by your ISP, you don’t have to use it and can replace it with your own choice of router, which will typically also have better specs.
- Wireless routers on Amazon (but note the branding as you check listings)
- Official Apple Store on Amazon
- Apple’s iPhone cases: iPhone 17 | iPhone 17 Pro and Pro Max | iPhone Air
- Wireless CarPlay adapter (2026 update)
- AirTag holders and accessories
- Mac Pro-style Mac mini casing
- NordVPN – privacy-first VPN with no logs and independent audits to verify
FTC: We use income earning auto affiliate links. More.
Comments