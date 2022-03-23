Not only the esteemed Japanese antivirus company TrandMicro, but even government Cyber agencies in the U.K and the U.S are according to Security Magainze not only aware, but actively warning against the threat of the CyclopsBlink worm, that has previously attacked both Ukrainian electricity distribution, Georgia, and even the 2018 Winter Olympics, as it now seems to be targeting home routers from Asus and NAS devices.
When attacked by the Cyclops Blink worm/botnet, the device is at risk of "dialing home", enabling someone else to download files, and execute commands on the devices. As the malware is modular, additional "features" may be added later, and as it works much like a firmware update, removing it can be very difficult.
Behind it all is a group called Sandworm, who created similar systems and botnets before, and are believed to be directly controlled or even employed by the Cyber division of the Russian military.
So far, different sources list the following Asus products as being at high risk, but seeing how the botnet operates, all brands of routers could be at risk. Especially pre-2019 models of any brand could potentially be at risk.
Update your router right away please, Especially older Asus models with firmware older than the 3.0.0.4 are at risk, with these seemingly making the list of most security websites:
GT-AC5300
GT-AC2900
RT-AC5300
RT-AC88U
RT-AC3100
RT-AC86U
RT-AC68U,
RT-AC68R,
RT-AC68W,
RT-AC68P
RT-AC66U_B1
RT-AC3200
RT-AC2900
RT-AC1900P
RT-AC87U (EOL)
RT-AC66U (EOL)
RT-AC56U (EOL)