Particle.news

Download on the App Store

Over 9,000 Asus Routers Compromised in ViciousTrap Hack

GreyNoise warns that infected routers remain invisible to standard defenses even after restarts or firmware updates.

Image
Image

Overview

  • Hackers have seized control of more than 9,000 Asus Wi-Fi routers, adding them to a growing botnet.
  • GreyNoise’s AI tool sift first detected suspicious router activity in March, leading analysts to uncover the ViciousTrap campaign.
  • Attackers exploited a CVE-2023-39780 command injection flaw through brute-force login attempts and authentication bypasses to maintain persistent access.
  • Asus issued a firmware update on May 27 that patches the exploited vulnerability but does not remove existing infections.
  • Cybersecurity experts advise users to perform factory resets before applying the patch to eliminate stealthy backdoors.