Overview
- Hackers have seized control of more than 9,000 Asus Wi-Fi routers, adding them to a growing botnet.
- GreyNoise’s AI tool sift first detected suspicious router activity in March, leading analysts to uncover the ViciousTrap campaign.
- Attackers exploited a CVE-2023-39780 command injection flaw through brute-force login attempts and authentication bypasses to maintain persistent access.
- Asus issued a firmware update on May 27 that patches the exploited vulnerability but does not remove existing infections.
- Cybersecurity experts advise users to perform factory resets before applying the patch to eliminate stealthy backdoors.