Home / Technology / China-Linked Hackers Seize Thousands of Asus Routers
China-Linked Hackers Seize Thousands of Asus Routers
22 Nov
Summary
- Thousands of unsupported Asus routers compromised by hackers.
- Suspected China-state group operating under operation WrtHug.
- Compromised routers likely used for covert espionage, not DDoS.
Thousands of Asus routers have been compromised by a hacking group suspected to be state-sponsored by China, according to researchers. The operation, dubbed WrtHug, specifically targets seven models of Asus routers that are no longer supported by the manufacturer, leaving them vulnerable to security breaches. The exact motives behind this mass compromise are still under investigation.
Security researchers suggest that these compromised routers are likely being utilized to establish operational relay boxes (ORBs). This technique is commonly employed for espionage and to mask the identities of the perpetrators, differing from overt malicious activities typical of botnets, such as Distributed Denial of Service (DDoS) attacks. The full extent of the threat actor's capabilities with this level of access is yet to be determined.
The affected routers are predominantly concentrated in Taiwan, with smaller clusters detected in South Korea, Japan, Hong Kong, Russia, central Europe, and the United States. This activity echoes past incidents where Chinese state-linked groups have built extensive ORB networks for surveillance and reconnaissance.
