Update your Asus router's firmware right now or risk botnet infection

Asus router RT-AC88uImage: Asus

When thinking about computer security, you probably consider your PC and phone first and foremost. But there’s a lot of hardware between you and the nebulous malefactors of the internet, and it’s important to make sure all of it is secure. Today Asus is telling owners of its Wi-Fi routers to update their firmware in order to protect against the Cyclops Blink botnet.

The botnet is being programmed to remotely access a router’s flash memory, potentially gaining access to any unencrypted traffic it handles. The malware can be cleaned off with a full reset, since it’s not being stored in permanent storage, but most users never have a reason to perform that action. According to the Asus security brief, seventeen different router models in the GT and RT series are affected:

GT-AC5300 firmware under firmware under firmware under firmware under firmware under firmware under firmware under RT-AC68R firmware under RT-AC68W firmware under RT-AC68P firmware under firmware under firmware under firmware under firmware under (EOL)RT-AC66U (EOL)RT-AC56U (EOL)

As noted by PCGamer, the Cyclops Blink botnet is becoming a huge problem, and security and law enforcement agencies in the US and UK are warning citizens to take precautions. The RT-AC56U was released way back in 2013, so this security flaw is affecting a huge range of Asus products. While some may be set up to download and install new firmware automatically, it’s best to check with the browser-based interface on your router to make sure. Asus also recommends resetting the router to factory default settings and changing the default administrator password.

Asus said you can update your router using the following process:

“(1) Reset the device to factory default: Login into the web GUI( , go to Administration → Restore/Save/Upload Setting, click the “Initialize all the setting and clear all the data log”, and then click Restore button”
(2) Update all devices to the latest firmware.
(3) Ensure default admin password had been changed to a more secure one.
(4) Disable Remote Management (disabled by default, can only be enabled via Advanced Settings).”

Michael is a former graphic designer who’s been building and tweaking desktop computers for longer than he cares to admit. His interests include folk music, football, science fiction, and salsa verde, in no particular order.

Recent stories by Michael Crider:

Ring of bogus web shops steals 850K credit card numbersIf you get a phone call from LastPass, it’s a scamScraper spies on 600 million Discord users and sells the data

Leave a Response