Security Stop-Press: Asus Routers Hit by Stealth Backdoor Attack

June 5, 2025

Security Stop-Press: Asus Routers Hit by Stealth Backdoor Attack

Thousands of Asus routers have been compromised in a silent, persistent attack that gives hackers remote access, even after firmware updates.

Cybersecurity firm GreyNoise uncovered the campaign, which targets internet-facing Asus models like the RT-AC3100 and RT-AX55. Attackers use brute-force logins or old vulnerabilities to gain admin access, then exploit a flaw (CVE-2023-39780) to enable hidden logging features and install a stealthy backdoor.

SSH access is then enabled through official settings, with an attacker-controlled key added. GreyNoise warns this “persists across firmware upgrades” and may be part of a long-term botnet operation, with over 4,800 affected devices already detected.

Businesses using Asus routers should check for SSH on port 53282, inspect authorised\_keys, and block known malicious IPs. If compromise is suspected, only a full factory reset can remove the backdoor.

Featured Article : Grok Blocked! Quarter Of EU Firms Ban Access

Featured Article : Grok Blocked! Quarter Of EU Firms Ban Access

June 5, 2025
New research shows that one in four European organisations have banned Elon Musk’s Grok AI chatbot due to concerns over misinformation, data privacy and reputational risk, making it far more widely rejected than rival tools like ChatGPT or Gemini.
Tech Insight : Why Google’s New 'Fingerprint' Policy Matters

Tech Insight : Why Google’s New 'Fingerprint' Policy Matters

June 5, 2025
In this Tech Insight, we look at Google’s controversial decision to allow advertisers to use device fingerprinting, exploring what the technology involves, why it has sparked concern, and what it means for users, businesses, and regulators.
More Posts