Thousands of Asus routers are being hit with stealthy, persistent backdoors
“Thousands of home and small office routers manufactured by Asus are being infected with a stealthy backdoor that can survive reboots and firmware updates in an attack by a nation-state or another well-resourced threat actor, researchers said.”
It is called ViciousTrap, and it basically embeds a public key on the device for access through SSH, so the presence of that key is one way it can be detected. Some vulnerabilities have been patched, but a good 9,500-plus devices were already affected.
It all comes down, though, to the old issue of whether updates are still available for routers that are a few years old, and whether their owners even bother to check for and apply the patches.
In the case of Asus, the third-party Merlin software is available and supports the routers a bit longer, but even Merlin at some point freezes updates a while after Asus stops providing them.
Which is why I made a clean break and decided to go with OPNsense, which keeps updating pretty well, much like Linux does. OPNsense uses FreeBSD though, but the same theory applies.
See: Thousands of Asus routers are being hit with stealthy, persistent backdoors. Backdoor giving full administrative control can survive reboots and firmware updates.
#technology #routers #vulnerability