Skip to main content

Cyberattackers Exploit Thousands of ASUS Routers to Build Botnet

Researchers from the cybersecurity firm GreyNoise reported this week that an ongoing exploitation campaign is targeting over 9,000 internet-exposed ASUS routers. Cybercriminals gained long-term access by exploiting an undisclosed vulnerability. Experts suggest that attackers were planning on building a robot network (botnet).

According to GreyNoise’s report, the attackers carried out a stealthy and sophisticated operation by using brute-force login attempts and exploiting the CVE-2023-39780 vulnerability — a command injection flaw — to execute system commands on vulnerable devices. The unknown actors enabled SSH access on TCP port 53282 and implanted a backdoor in non-volatile memory (NVRAM), allowing them to maintain remote access even after the device reboots or firmware upgrades.

GreyNoise noticed the unusual, low-profile network activity through their AI-powered analysis tool, Sift, in March and reported it. The researchers confirmed that no malware had been installed, but the operation suggested that the attackers were building a system for a future attack.

This appears to be part of a stealth operation to assemble a distributed network of backdoor devices — potentially laying the groundwork for a future botnet,” states the report.

ASUS patched the vulnerability through its latest firmware update, but it didn’t remove the SSH configuration enabled by the attackers. GreyNoise recommends ASUS router owners check for access on TCP/53282, review unauthorized entries, block the IP addresses listed on the report, and, if the device has been compromised, perform a factory reset and manually reconfigure the router.

As of May 27, nearly 9,000 ASUS routers are confirmed compromised, based on scans from Censys,” wrote GreyNoise. “GreyNoise sensors saw just 30 related requests across three months, demonstrating how quietly this campaign is operating.

Over a year ago, it was revealed that the Russian hacking group APT28 had been exploiting a vulnerability on Cisco routers for six years and managed to deploy malware and spy on users and organizations in Europe and the United States.



See TessMore Internet Business Must-Reads
Labels:

Comments

Post a Comment

Popular posts from this blog

Thousands Still Available in COVID Relief with These Small Business Grants

Building improvements can be a major expense for small businesses. And many had to make certain changes to navigate the past few years. Restaurants set up outdoor patios. Historic properties restored their storefronts. And offices added energy efficient features. Many businesses also have improvement projects planned for 2022. Luckily, many small business grant programs across the country make these projects more attainable, thus improving the customer experience and the community at large. Here are some current small business grant opportunities for building improvements, pandemic recovery, and more. Raleigh Building-Up Fit Grant Raleigh’s Small Business Development department is launching a new grant opportunity for local businesses. The Building-Up Fit Grant offers matching reimbursement funds up to $25,000 for eligible renovation projects. Businesses with 50 employees or less can apply for grants to cover projects that significantly improve the appearance and value of the pro...
Post a Comment
Read more

8 Product Recommendation Email Examples to Drive Sales in

Struggling to drive more leads and sales with your email marketing? One effective strategy to increase revenue and sales is through strategic product recommendation emails. By showcasing personalized product recommendations at the right time and using proven elements and strategies, you can engage your subscribers and convince them to make a purchase. In this article, we’ll cover what a product recommendation email actually is and discuss the benefits of sending them. We’ll also share some great examples and best practices that can help you increase sales and drive revenue for your business. What Is a Product Recommendation Email? Advantages of Sending Product Recommendation Emails 8 Product Recommendation Email Examples to Drive More Leads Best Product Recommendation Emails Practices Increase Sales With Effective Product Recommendation Emails! What Is a Product Recommendation Email? Have you ever received an email from your favorite eCommerce store showcasing products th...
Post a Comment
Read more

Top 50 Cryptocurrencies

Cryptocurrencies are digital currencies that act as mediums for exchange, just like regular money. One of the differences between cryptocurrencies and paper money is that cryptocurrencies are designed to exchange information digitally through public databases or blockchains. The blockchain is database is distributed across computers that run using blockchain software. No single entity owns or controls the database, and anyone can access the database, offer proof of ownership, and transfer cryptocurrencies through the use of crypto wallets. the global cryptocurrency market in just a decade has grown exponentially. How Many Cryptocurrencies are There? The crypto space is vast there are over 10,000 digital currencies in the market today. Due to the relative ease to launch different cryptocurrencies developers and businesses are tapping into the global crypto market to generate profits and connect with tech – savvy communities. Users too are opening cryptocurrency investment accounts in...
Post a Comment
Read more