Ars TechnicaNov 21
Thousands of hacked Asus routers are under control of suspected China-state hackers
So far, the hackers are laying low, likely for later use.
https://arstechnica.com/security/2025/11/thousands-of-hacked-asus-routers-are-under-control-of-suspected-china-state-hackers/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social
Show threadSterling
@arstechnica
@briankrebs
Maybe I'm slow, but I have several issues with the article.
1) These routers do not appear to be EOL. All are AC or AX. The ones I checked are still on Asus website.
2) It's not clear what software these routers were running. Stock Asus? WRT Merlin? If so what versions?
3) Does the vulnerability only apply to internet facing routers? i.e. what if they are used as wifi APs only? What if they are behind a firewall.
Nov 22 at 2:35amWeb
Show threadMichael HorowitzNov 22
@AG100pct @arstechnica @briankrebs excellent questions