[ale] PSA - Asus Routers
Tom & JaVonn
PairOfTwins at mindspring.com
Mon Jun 2 15:44:30 EDT 2025
DJ:
I was pleasantly surprised, that Asus offered (first time in years) an
update for our RT-N66W that's surely over 6 years old!
It appeared to address several issues, and my only complaint was that
after the update, I lost my own access until doing a reset and
reconfigure.
It's only used as AP the last couple of years...
Tom
On Sat, 2025-05-31 at 13:38 -0400, DJPfulio--- via Ale wrote:
> Thousands of Asus routers are being hit with stealthy, persistent
> backdoors
> Backdoor giving full administrative control can survive reboots and
> firmware updates.
>
> "
> https://arstechnica.com/security/2025/05/thousands-of-asus-routers-are-being-hit-with-stealthy-persistent-backdoors/
>
> The only way for router users to determine whether their devices are
> infected is by checking the SSH settings in the configuration panel.
> Infected routers will show that the device can be logged in to by SSH
> over port 53282 using a digital certificate with a truncated key of:
> ssh-rsa
> AAAAB3NzaC1yc2EAAAABIwAAAQEAo41nBoVFfj4HlVMGV+YPsxMDrMlbdDZ...
>
> To remove the backdoor, infected users should remove the key and the
> port setting.
> "
>
> Asus makes some of the longest supported routers with industry
> leading security practices, so they are popular for people who want
> long support for a home router and don't want to do their own
> firmware or use something like OPNSense. I have an cheap Asus Router
> (RT-AX1800S) in "AP mode" myself, though my WAN router is an x86-64
> device running OPNSense. That AP replaced the popular, cheap,
> suspicious, Chinese-made brands that many people, including me, used.
>
> Patch your router, at least monthly. It it has been a few months
> since the last update, check that support hasn't ended. Routers are
> our first line of defense.
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20250602/293031fc/attachment.htm>
More information about the Ale
mailing list