If Netgear made updating their hardware/software more user friendly (yes looking at you Genie), their products would be less exposed. My Netgear Nighthawk range extender is close to impossible for firmware update.

Is this saying that stage 1 requires a default admin password and remote management to be enabled? If so, isn't that inviting the vampire in to your house? This didn't really say how you get infected in the first place, and only briefly mentions "most of the affected devices have publicly known vulnerabilities which are not convenient for the average user to patch", and "all of the affected makes/models that we have uncovered had well-known, public vulnerabilities". Netgears's advice is simple: *Keep firmware up to date *Set a password *Disable remote management If that's "not convenient for the average user", then I have no pity. If there are "well-known, public vulnerabilities" for which there is no available firmware update, then that's a different matter. It's interesting how stage 1 uses Photobucket.com to get the IP of it's download server for stage 2 from spoofed EXIF data

I recently went with Xwrt-Vortex for my R7000. Should have done that ages ago, Netgears inhouse firmware is balls.

Rihter:

If Netgear made updating their hardware/software more user friendly (yes looking at you Genie), their products would be less exposed. My Netgear Nighthawk range extender is close to impossible for firmware update.

Sorry you've had issues. I personally have never had one with netgear.