GreyNoise Discovers Stealthy Backdoor Campaign Affecting Thousands of ASUS Routers

GreyNoise has identified a stealthy backdoor campaign targeting thousands of ASUS routers globally. The attack leverages CVE-2023-39780 alongside unpatched techniques to establish persistent access while evading traditional detection methods. This campaign highlights significant risks to network infrastructure, allowing attackers to maintain long-term control over compromised devices. The use of AI-powered tooling by GreyNoise facilitated the discovery of this elusive activity. Defenders are urged to prioritize patching ASUS firmware immediately to mitigate exploitation risks. Network administrators should monitor for unusual outbound traffic and implement strict access controls. While no specific threat actor or malware family was named in the report, the scale suggests a coordinated effort. Immediate remediation is crucial to prevent unauthorized access and potential data exfiltration. Organizations must ensure router security configurations are hardened against known vulnerabilities to protect against similar stealthy intrusion campaigns affecting consumer and enterprise networking hardware.

GreyNoise uncovers a stealth campaign exploiting ASUS routers, enabling persistent backdoor access via CVE-2023-39780 and unpatched techniques. Learn how attackers evade detection, how GreyNoise discovered it with AI-powered tooling, and what defenders need to know.

GreyNoise has identified a stealthy backdoor campaign targeting thousands of ASUS routers globally. The attack leverages CVE-2023-39780 alongside unpatched techniques to establish persistent access while evading traditional detection methods. This campaign highlights significant risks to network infrastructure, allowing attackers to maintain long-term control over compromised devices. The use of AI-powered tooling by GreyNoise facilitated the discovery of this elusive activity. Defenders are urged to prioritize patching ASUS firmware immediately to mitigate exploitation risks. Network administrators should monitor for unusual outbound traffic and implement strict access controls. While no specific threat actor or malware family was named in the report, the scale suggests a coordinated effort. Immediate remediation is crucial to prevent unauthorized access and potential data exfiltration. Organizations must ensure router security configurations are hardened against known vulnerabilities to protect against similar stealthy intrusion campaigns affecting consumer and enterprise networking hardware. GreyNoise uncovers a stealth campaign exploiting ASUS routers, enabling persistent backdoor access via CVE-2023-39780 and unpatched techniques. Learn how attackers evade detection, how GreyNoise discovered it with AI-powered tooling, and what defenders need to know. GreyNoise uncovers a stealth campaign exploiting ASUS routers, enabling persistent backdoor access via CVE-2023-39780 and unpatched techniques. Learn how attackers evade detection, how GreyNoise discovered it with AI-powered tooling, and what defenders need to know.