Urgent Router Security Alert: Thousands Compromised, FBI Warns of Outdated Devices – Is Yours at Risk?

Your router, often an unsung hero of your digital life, could be a silent security risk. In a concerning turn of events, thousands of Asus routers have been compromised by a sophisticated botnet attack, while the FBI has issued a stark warning about the dangers of outdated routers being exploited by cybercriminals. Are you protected?

AyySSHush Botnet Targets Asus Routers

A newly discovered botnet, dubbed 'AyySSHush,' has silently infiltrated over 9,000 Asus routers, according to a report by cybersecurity firm GreyNoise. The attack, detected , leverages undocumented authentication bypass techniques and a known command injection vulnerability (CVE-2023-39780) to gain persistent access.

What makes this attack particularly insidious is its stealthy nature. The attackers utilize official Asus router features to maintain access, including enabling SSH on a non-standard port and installing their own SSH key. Critically, the backdoor is written to the router's non-volatile memory (NVRAM), meaning firmware updates alone are insufficient to remove the threat.

Asus has released an update addressing CVE-2023-39780 and login bypass techniques. However, this update primarily acts as a preventive measure. If your router has already been compromised, manual steps are required to fully secure it:

• Check for active SSH access on TCP port 53282
• Review the authorized_keys file for unfamiliar entries
• Block known malicious IP addresses
• Consider a full factory reset

FBI Sounds Alarm on Outdated Routers

Adding to the urgency, the FBI has issued a public warning about cybercriminals actively exploiting old, unpatched routers. These devices, often manufactured around 2010 or earlier, no longer receive security updates, making them easy targets for malware like 'TheMoon'.

Compromised routers are being conscripted into proxy networks, masking the perpetrators' identities and routing malicious traffic through unwitting victims' networks. The FBI specifically named several Cisco Linksys models as frequent targets, including the E1000, E1200, and WRT series.

Am I at Risk? Key Steps to Protect Your Network

The combined threats highlight the critical need for proactive router security:

1. Replace Old Routers:If your router is over five years old or no longer receives updates, upgrade to a modern, secure model.
2. Keep Firmware Updated: Regularly check for and install firmware updates.
3. Disable Remote Access: Turn off remote management features to prevent unauthorized access.
4. Use Strong Passwords: Change the default router password to a complex, unique one.
5. Monitor for Suspicious Activity: Be alert for slow connections or unfamiliar devices on your network.
6. Report Incidents: If you suspect a compromise, report it to the Internet Crime Complaint Center (IC3).

The security of your home network hinges on the security of your router. With sophisticated attacks on the rise and warnings from the FBI, now is the time to take action. Is your router up to the challenge?

What security measures have you taken to protect your router? Share your thoughts and tips in the comments below.

• ASUS
• Cisco
• Router