Since I disabled AiCloud, changed my DDNS registry, and rebooted my router I have not seen the issue again. It's only been 24 hours or so though.
I also disconnected the HDD that I had attached and gave it a deep scan with Avira and Malwarebytes. No detections.
I'm guessing that the malware...
Good that they changed it. Ever since I've been using ASUS routers that feature was enabled when I first set them up.
EDIT: See my previous(above) post
They were enabled by default and I have disabled them while troubleshooting. Didn't matter much to me as I had never actually used them. We have found that this issue is quite widespread at this point and due to malware.
EDIT: I don't know how it was enabled since I don't remember doing it...
I'm running stock ASUS firmware, not Merlin. Yes, it's enabled by default.
EDIT: I don't know how it was enabled since I don't remember doing it myself. I've only ever seen it enabled on this router and the last 2 ASUS routers I've had during the previous 12+ years. Everyone else seems to not...
I can vouch for Mikrotik. We use them for all of our clients in my day job. A bit of a learning curve to get comfortable with the RouterOS(Mikrotik) though.
It hasn't happened again since about 10AM today.
I found a strange entry in the log file though.
Any idea what "Tainted" means in this context? Also, first time I've seen "sshd" in the log file as well.