Asus routers at risk from malware: Firmware updates should avert Cyclops Blink attacks

Martin Jud
22.3.2022
Translation: machine translated

The Cyclops Blink botnet from Sandworm is targeting Asus routers. The manufacturer has now released the first firmware updates and published tips for fending off the malware.

Cyclops-Blink has targeted Asus routers. The malware belongs to a botnet and lodges itself in the router's flash memory, which is said to let it remain on the device even after a reset. According to a report by Trend Micro, it is capable of reading security-related data.

According to the U.S. security agency CISA, a Russian state entity designated 74455 and nicknamed Sandworm is behind Cyclops-Blink. The botnet had already infected WatchGuard firewalls at the end of February.

Which Asus routers are affected?

According to experts, the malware is sophisticated and modular in design. It is therefore possible that devices from other manufacturers are also affected, or will be.

According to Asus, the following Wi-Fi 5 routers running firmware versions below 3.0.0.4.386.xxxx are affected: GT-AC5300, GT-AC2900, RT-AC5300, RT-AC88U, RT-AC3100, RT-AC86U, RT-AC68U, RT-AC68R, RT-AC68W, RT-AC68P, RT-AC66U_B1, RT-AC3200, RT-AC2900, RT-AC1900P.

The RT-AC87U, RT-AC66U and RT-AC56U models are also affected. Unfortunately, they are too old to still receive support. If you own any of these three products, I strongly advise against continuing to use them.
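
A triage helper for a router inventory, built from the model lists and firmware branch above; it is an added example, not part of the original article and not Asus tooling. The function names, the `_`-separated version format, the hostnames and the sample versions are assumptions, and because the article gives the fixed build only as "xxxx", firmware on the 386 branch is flagged for manual comparison rather than declared safe.

```python
import re

# Model lists copied from the article (Asus's statement as reported there).
AFFECTED = {"GT-AC5300", "GT-AC2900", "RT-AC5300", "RT-AC88U", "RT-AC3100",
            "RT-AC86U", "RT-AC68U", "RT-AC68R", "RT-AC68W", "RT-AC68P",
            "RT-AC66U_B1", "RT-AC3200", "RT-AC2900", "RT-AC1900P"}
END_OF_LIFE = {"RT-AC87U", "RT-AC66U", "RT-AC56U"}
# Only the branch prefix is known; the article elides the build as "xxxx".
FIXED_BRANCH = (3, 0, 0, 4, 386)


def parse_firmware(version):
    """Split on '.', '_' or '-' (assumed separators); None if unparsable."""
    fields = re.split(r"[._-]", version.strip())
    if len(fields) < len(FIXED_BRANCH) or not all(f.isdigit() for f in fields):
        return None
    return tuple(int(f) for f in fields)


def triage(model, firmware):
    """Classify one router by model name and firmware version string."""
    # Exact match only: RT-AC66U (unsupported) and RT-AC66U_B1 (supported) differ.
    name = model.strip().upper().replace(" ", "-")
    if name in END_OF_LIFE:
        return "replace"            # no firmware fix will be released
    if name not in AFFECTED:
        return "not-listed"
    parsed = parse_firmware(firmware)
    if parsed is None:
        return "unknown-version"    # treat as affected until confirmed
    if parsed[:len(FIXED_BRANCH)] < FIXED_BRANCH:
        return "remediate"          # reset, update, new password, no remote mgmt
    return "verify-build"           # 386 branch or later: check build with Asus


def triage_inventory(rows):
    """Map each (hostname, model, firmware) row to its triage result."""
    return {host: triage(model, fw) for host, model, fw in rows}


# Constructed sample inventory (hostnames and version strings are made up).
SAMPLE = [("office-gw", "RT-AC68U", "3.0.0.4.384_82072"),
          ("lab-ap", "rt-ac66u_b1", "3.0.0.4.386_45898"),
          ("attic-ap", "RT-AC66U", "3.0.0.4.382_52287"),
          ("guest-ap", "RT-AC88U", "n/a")]

if __name__ == "__main__":
    print(triage_inventory(SAMPLE))
```
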

What can I do if my router is affected?

The following procedure is recommended by Asus to secure the device against Cyclops-Blink:

  1. Reset the device to factory settings: log into the web interface (http://router.asus.com), go to Administration → Restore/Save/Upload Setting, click on "Initialize all the settings and clear all the data log", and then click on the Restore button.
  2. Update the device to the latest firmware.
  3. Make sure that the default administrator password has been changed to a more secure one.
  4. Disable the Remote Management feature (remote management is disabled by default and can only be enabled via the advanced settings).
