Researchers say attacks are laying the groundwork for stealthy espionage activity
theregister.co.ukAround 50,000 ASUS routers have been compromised in a sophisticated attack that researchers believe may be linked to China, according to findings released today by SecurityScorecard's STRIKE team.
Dubbed "Operation WrtHug", the campaign exclusively targets end-of-life ASUS WRT routers, exploiting multiple known vulnerabilities - some dating back to 2023. The affected routers are primarily concentrated in Taiwan and Southeast Asia, with minimal impact on mainland China, Russia, or the United States.
Attackers are exploiting six security flaws, including:
- Four high-severity command injection bugs from 2023 (CVE-2023-41345, CVE-2023-41346, CVE-2023-41347, CVE-2023-41348) - all rated 8.8
- CVE-2024-12912 (7.2)
- CVE-2025-2492 (9.2)
The 2023 vulnerabilities are linked to CVE-2023-39780, another command injection flaw that was added to CISA's Known Exploited Vulnerabilities catalog in February, and previously used in the AyySSHush operational relay box (ORB) campaign that compromised more than 8,000 ASUS routers in May, uncovered by GreyNoise.
GreyNoise's VP ...
Copyright of this story solely belongs to theregister.co.uk . To see the full text click HERE