Menu
What's new
By:
Filters Better Search

Does the VPNFilter malware affect ASUS Routers?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

AntonK

AntonK

Very Senior Member
FYI --

I have now seen three seemingly unrelated reports from individuals claiming that they have recently discovered that their Asus router started behaving strange, and that a new VPN client has been created. They all speculate that this could have something to do with VPNFilter. Two of the individuals were running the stock Asus WRT firmware, one claims to have been using Merlin's firmware. As far as I have seen, they all were using updated firmware, and did not have any spectacularly unsecure configuration (at least one may have had remote access enabled, from using Asus' smartphone app.

Sources:
  1. https://www.reddit.com/r/HomeNetworking/comments/8m95re/asus_ac68u_hacked_vpnfilter/
  2. https://www.reddit.com/r/HomeNetwor...d_unknown_vpn_on_my_router_was_router_hacked/
  3. (the third report was written yesterday in the Facebook "Synology Admins & Users" Group, but for som reason that whole thread was deleted yesterday (possibly due to the fact that the thread had nothing to to with Synology)). The story was similar -- a fairly tech-savvy user (i.e., not using outdated firmware or crap-settings) discovered a newly created VPN on the router
 
No Asus router, or any other router tbh, can be affected by a remote exploit like VPNFilter if it has no WAN ports open.

Unfortunately, it is surprisingly easy to open up such ports on Asus routers, especially by the Asus mobile app. Exactly as one of those Reddit links you posted made clear.

Just follow the usual security practices, avoid the Asus mobile app, and you will be and would have been fine: https://routersecurity.org/checklist.php
 
You must log in or register to reply here.

Similar threads

XIII
EOL ASUS routers affected by TheMoon malware
Replies
17
Views
2K
northumberland
N
C
AVrecon malware infects 70,000 Linux routers to build botnet
Replies
5
Views
854
cptnoblivious
C
T
ASUS Router hard reset
Replies
3
Views
790
Tech9
Tech9
P
Threat protection / DNS filtering / Router security (on home network)
Replies
1
Views
740
Tech9
Tech9
C
Ruckus Security Issue
Replies
0
Views
507
coxhaus
C
Similar threads
Thread starter Title Forum Replies Date
Coldblackice Does ASUS Merlin's QoS consider DSCP? Asuswrt-Merlin 3
fffddd URL filtering in the firewall does not take effect Asuswrt-Merlin 7
B Solved Client list in Network Map is empty and changing the System Log verbosity in the web GUI does nothing Asuswrt-Merlin 7
D [ASUS AX86U Merlin] Blink Sync Module does not connect (connects to iphone hotspot) Asuswrt-Merlin 0
L Does the latest AsusWRT/Merlin FW has a memory leak? Asuswrt-Merlin 20
G network map does not get refreshed Asuswrt-Merlin 7
C Does default dnsmasq configuration store LAN names? Asuswrt-Merlin 6
R My whole network has been randomly freezing up and when it does the log sayes this: Asuswrt-Merlin 4
D Asus GT-AX11000 - Dual WAN Issues - Does Merlin Resolve? Asuswrt-Merlin 17
D IPTV - VPN via Router does not work, App does Asuswrt-Merlin 2

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 819 (members: 25, guests: 794)
Top