Tag

Asus Routers

All articles tagged with #asus routers

KadNap Botnet Converts ASUS Routers into a Global Residential Proxy Network
cybersecurity, 2 hours ago

KadNap, a new botnet, hijacks ASUS routers and other edge devices to form a peer-to-peer proxy network for malicious traffic. By August 2025 it controlled about 14,000 devices, using a custom Kademlia DHT to locate C2s, although two fixed nodes connect early to the C2s, which aids takedowns. Infections start by pulling aic.sh from 212.104.141.140, then establish persistence via a cron job every 55 minutes and install an ELF payload named kad. KadNap’s DHT design aims to decentralize control, but the two steady nodes undermine this to some extent. The botnet is linked to the Doppelganger proxy service, which rents infected devices as residential proxies for DDoS, credential stuffing, and brute-force campaigns. Lumen has blocked KadNap traffic on its network and will publish IOCs to help others disrupt the botnet.

Urgent: Check Your Asus Router for Hacks and Backdoors
technology, 9 months ago

Thousands of Asus routers have been compromised through a sophisticated attack involving brute-force login attempts and authentication bypasses, exploiting a previously unknown vulnerability. Users should verify whether their routers are affected, disable SSH access, block suspicious IPs, and perform a factory reset: the vulnerability has been patched, but the backdoor may persist if the router is not fully reset.

Urgent: How to Check if Your Asus Router Has Been Hacked in the Latest Cyberattack
technology, 9 months ago

A security report reveals that around 9,000 Asus routers have been hacked by a sophisticated threat actor aiming to create a botnet. Users can check if their routers are compromised by inspecting SSH access and should perform a factory reset if infected. Updating firmware and blocking specific IPs are recommended to prevent future attacks.

Global Botnets Exploit Router Vulnerabilities to Maintain Persistent Backdoors
technology, 9 months ago

A new botnet named 'AyySSHush' has compromised over 9,000 ASUS routers by exploiting an old vulnerability to install a persistent SSH backdoor, allowing attackers to maintain access even after reboots or firmware updates. The campaign, possibly linked to a nation-state actor, also targeted other SOHO routers from Cisco, D-Link, and Linksys, and involves stealthy techniques to evade detection. ASUS has released security patches, and users are advised to update firmware, check for suspicious files, and reset their devices if compromised.

"Massive Botnet Malware Infects Thousands of Routers for Proxy Service"
cybersecurity, 1 year ago

A new variant of TheMoon malware has infected 6,000 ASUS routers in 72 hours, linking them to the Faceless proxy service used by cybercriminals for anonymizing malicious activities. The malware targets end-of-life ASUS routers, likely exploiting known vulnerabilities or weak credentials to gain access. Once infected, the routers are used as proxies to route traffic for cybercriminals. To defend against these botnets, users are advised to use strong admin passwords, upgrade firmware, and replace end-of-life devices with actively supported models.