If you own an Asus router, it might be one of the 9,000 hacked by “a well-resourced and highly capable adversary,” according to a new report from security firm GreyNoise.

GreyNoise discovered the issue on May 18, and is now disclosing it after reporting its findings to the government and industry partners. The culprit is unknown, but “the level of tradecraft suggests a well-resourced and highly capable adversary,” GreyNoise says.

The threat actor engaged in an extensive exploitation campaign, gaining unauthorized access to Asus routers exposed to the internet. Their goal appears to have been to assemble a distributed network of devices and create a botnet.

What to Do If You Have an Asus Router

If you own an Asus router, there is a simple way to see if the hackers got into your device. First, log into the router’s firmware and look for the “Enable SSH” option in settings. It could be under the “Service” or “Administration” section. If the device is compromised, it will show that someone can log into it using SSH over port 53282 with this SSH public key (truncated here):

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAo41nBoVFfj4HlVMGV+YPsxMDrMlbdDZ...

If your router has been accessed, the best thing you can do is a factory reset, advises PCMag security analyst Kim Key. This attack is a formidable one, GreyNoise says, because it “survives both reboots and firmware updates, giving them durable control over affected devices.” A factory reset will get around this. In most other cases, updating the firmware would’ve solved the problem.

Asus also recommends you remove or disable the SSH entry and block the following four IP addresses, according to ZDNet:

• 101.99.91.151

• 101.99.94.173

• 79.141.163.179

• 111.90.146.237

If your router was not accessed, update the firmware to prevent any future issues. Asus fixed the CVE-2023-39780 flaw with its latest firmware update. “Keep on top of firmware updates for all of the internet-connected devices in your home, including your router,” Key says. “In addition to your other cybersecurity checklist chores, remember to check your devices periodically for updates throughout the year.”

Get Our Best Stories!

Stay Safe With the Latest Security News and Updates

Sign up for our SecurityWatch newsletter for our most important privacy and security stories delivered right to your inbox.

By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.

Thanks for signing up!

Your subscription has been confirmed. Keep an eye on your inbox!

About Emily Forlini

Senior Reporter

I’m the expert at PCMag for all things electric vehicles and AI. I’ve written hundreds of articles on these topics, including product reviews, daily news, CEO interviews, and deeply reported features. I also cover other topics within the tech industry, keeping a pulse on what technologies are coming down the pipe that could shape how we live and work.

Read Emily’s full bio

Read the latest from Emily Forlini