Thousands of ASUS Routers Hijacked in Stealthy Backdoor Campaign
A threat actor has used ASUS routers’ legitimate features to create persistent backdoors that survive firmware updates and reboots
Stay updated on firmware security: Explore the latest threats, updates, and protection strategies for safeguarding critical system software.
Search across headline titles and summaries.
Background for this topic.
Firmware is software stored in a device’s nonvolatile memory that initializes and controls hardware, often before an operating system or application runs. It may reside in computers, network equipment, phones, industrial controllers, storage devices, and embedded components. Firmware can be updated, so it is not necessarily permanent or read-only.
Firmware matters to security because vulnerabilities or unauthorized changes can affect a device beneath the operating system and may persist across software reinstallation. Important controls include authenticated, cryptographically signed updates; secure boot, which verifies code before execution; protection against unauthorized flashing and downgrade attacks; and a reliable recovery mechanism. Practitioners also need firmware inventories, vulnerability tracking, and a supported update process, since obscure components can remain unpatched or use insecure update mechanisms. During an investigation, verifying firmware integrity and the device’s boot chain can help distinguish an operating-system compromise from a deeper modification.
Weekly headline count for the current query.
A threat actor has used ASUS routers’ legitimate features to create persistent backdoors that survive firmware updates and reboots
HP Wolf reveals that 79% of IT security decision makers are lacking in crucial hardware and firmware expertise
Customers of Advantech’s EKI-6333AC-2G industrial-grade wireless access point have been urged to update their devices to new firmware versions
The flaw allows the installation of malware that operates at the firmware level
Bitdefender researchers revealed the vulnerability allows an attacker to send commands to the thermostat and replace its firmware
The implant's components are designed to be compatible with different firmware from various vendors
Vulnerability affects QTS and QuTS Hero firmware
The flaws affect various Lenovo Yoga, IdeaPad and ThinkBook devices