Ye Olde ASUS WRT Router Dost Be A Security Risk
Bad Hug! Bad Hug!
Operation WrtHug is the name given to a current campaign that has infected a large number of older ASUS WRT routers and is looking for more to take over. The campaign leverages four flaws including both command injection and command execution vulnerabilities on eight ASUS WRT routers, which Bleeping Computer lists here. The routers are all older, and some of them are EoL. ASUS released patches for these vulnerabilities some time ago, so it is worth checking to see if there is a new version of the firmware for your router.
If there is not an update for your router, your best bet is to toss it and get a newer model. That way you can experience all new and undiscovered security threats … or hope you managed to find a rare secure router. If you can’t toss the old ASUS WRT router, at least disable remote access features and the AiCloud feature as well.
Most of the compromised devices have IP addresses located in Taiwan, while others are distributed across Southeast Asia, Russia, Central Europe, and the United States.
More Tech News From Around The Web
- W3 Total Cache WordPress plugin vulnerable to PHP command injection @ Bleeping Computer
- Cloudflare coughs, half the internet catches a cold @ The Register
- Microsoft tries to head off the “novel security risks” of Windows 11 AI agents @ Ars Technica
- Zoomers are officially worse at passwords than 80-year-olds @ The Register
- HPE Shows off AMD EPYC Venice and SP7 Supercomputing Node at SC25 @ ServeTheHome
- HOTO Air Pump Master Review @ NikKTech
