Malware Cyclops Blink Targets Multiple Asus Routers, Officially Releases Mitigations

According to Trend Micro’s technical documents, a number of ASUS wireless router products may be attacked by the Cyclops Blink malware. ASUS has also issued mitigation measures, calling on users to protect their products and personal information as soon as possible.

The Taiwan Computer Network Crisis Management and Coordination Center pointed out that Cyclops Blink, whose features allow hackers to remotely access infected networks, is linked to the Russian-backed Sandworm hacking group, which has previously targeted Is the WatchGuard Firebox and other SOHO network devices.

Cyclops Blink has modules specially designed for various models of ASUS wireless routers, which can read the flash memory and collect the files, executable files, data and important information of the database.

The product security advisory published by ASUS shows that the following router models and versions are vulnerable to Cyclops Blink attacks:

  • GT-AC5300 firmware version 3.0.0.4.386.xxxx and below.
  • GT-AC2900 firmware version 3.0.0.4.386.xxxx and below.
  • RT-AC5300 firmware version 3.0.0.4.386.xxxx and below.
  • RT-AC88U firmware version 3.0.0.4.386.xxxx and below.
  • RT-AC3100 firmware version 3.0.0.4.386.xxxx and below.
  • RT-AC86U firmware version 3.0.0.4.386.xxxx and below.
  • RT-AC68U, RT-AC68R, RT-AC68W, RT-AC68P firmware version 3.0.0.4.386.xxxx and below.
  • RT-AC66U_B1 firmware version 3.0.0.4.386.xxxx and below.
  • RT-AC3200 firmware version 3.0.0.4.386.xxxx and below.
  • RT-AC2900 firmware version 3.0.0.4.386.xxxx and below.
  • RT-AC1900P, RT-AC1900P firmware version 3.0.0.4.386.xxxx and below.
  • RT-AC87U.
  • RT-AC66U.
  • RT-AC56U.

ASUS’ product security recommendations have stated mitigation measures, including restoring the device to its original factory settings, updating the firmware to the latest available version, also confirming that the router’s default administrator password has been replaced with a more secure password, and prohibiting remote access. terminal management function. ASUS will provide a new version of the firmware in the near future. It is recommended that users who own the above products protect their products as soon as possible to avoid losses caused by Cyclops Blink attacks.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s