"By using built-in Asus settings, the attackers were able to set up SSH access, a secure way to connect to and control remote devices."
"The criminals even disabled logging to avoid detection, ensuring their unauthorized access went unnoticed."
Security firm GreyNoise disclosed that thousands of Asus routers have been compromised by a sophisticated group of cybercriminals who utilized brute-force login techniques and exploited various vulnerabilities. The attackers set up unauthorized SSH access and a persistent backdoor on the devices, enabling remote control without proper authentication. Notably, logging was disabled to cover their tracks, signifying a stealth operation without malware installation. Over 9,000 routers were identified as affected, though signs of exploitation appear limited, indicating a gradual approach to their campaign.
Read at ZDNET
Unable to calculate read time
Collection
[
|
...
]