Asus routers are being hit with stealthy, persistent backdoor
a year ago
- #RouterBackdoor
- #Cybersecurity
- #NationStateThreat
- Thousands of Asus home and small office routers infected with a stealthy backdoor.
- Backdoor survives reboots and firmware updates, indicating advanced threat actor involvement.
- Attackers exploit patched vulnerabilities, some not tracked in the CVE system.
- Unauthorized administrative access allows installation of a public encryption key for SSH.
- Durable control maintained without malware, using authentication bypasses and legitimate features.
- GreyNoise reports ~9,000 backdoored devices globally, with numbers increasing.
- No current malicious activity detected; likely preparing for future use.