A recent campaign has compromised over 50,000 ASUS routers worldwide, primarily targeting outdated models with known security flaws. The operation, possibly linked to Chinese hacking groups, exploits these vulnerabilities to build a vast botnet. #ASUSWRT #OperationWrtHug
Key points
- The campaign primarily targets outdated ASUS routers using six known security vulnerabilities.
- Over 50,000 unique IP addresses globally have been identified as part of the infected network.
- The attack exploits a proprietary AiCloud service with a self-signed TLS certificate set to expire in 2122.
- The operation shows similarities to Chinese-linked botnets such as AyySSHush, LapDogs, and PolarEdge.
- Threat actors use command injection and authentication bypasses to deploy persistent backdoors on infected devices.
Read More: https://thehackernews.com/2025/11/wrthug-exploits-six-asus-wrt-flaws-to.html