IT ALERT: Cyclops Blink botnet targeting Asus routers in a new wave of cyberattacks.

IT Alert Asus Router

Asus routers are being targeted in cyberattacks by a Russian Advanced Persistent Threat (APT) group named Sandworm/Voodoo Bear is suspected of being behind Cyclops Blink, a modular botnet.

Several large organizations have warned the public about this botnet, including the Cybersecurity and Infrastructure Agency (CISA), the NSA and the FBI.  

What You Can Do

Asus Routers has urged customers to reset their devices to the factory default setting, update to the latest firmware, and change any default admin credentials to stronger options.  

If your device has been infected with Cyclops Blink, it is best to get a new router.  

Here are the models that are at risk:

  • GT-AC5300 firmware under 3.0.0.4.386.xxxx
  • GT-AC2900 firmware under 3.0.0.4.386.xxxx
  • RT-AC5300 firmware under 3.0.0.4.386.xxxx
  • RT-AC88U firmware under 3.0.0.4.386.xxxx
  • RT-AC3100 firmware under 3.0.0.4.386.xxxx
  • RT-AC86U firmware under 3.0.0.4.386.xxxx
  • RT-AC68U, AC68R, AC68W, AC68P firmware under 3.0.0.4.386.xxxx
  • RT-AC66U_B1 firmware under 3.0.0.4.386.xxxx
  • RT-AC3200 firmware under 3.0.0.4.386.xxxx
  • RT-AC2900 firmware under 3.0.0.4.386.xxxx
  • RT-AC1900P, RT-AC1900P firmware under 3.0.0.4.386.xxxx
  • RT-AC87U (EOL)
  • RT-AC66U (EOL)
  • RT-AC56U (EOL)

Please check your ASUS routers and act soon.
 

About Acumen

We are a TOP FIVE Managed IT Services provider in St. Louis, Missouri, working to empower businesses to achieve their goals by leveraging technology.

Recent Posts

Sign up for our newsletter