Recently, the cybersecurity platform GreyNoise disclosed a concerning vulnerability in nearly 9,000 ASUS routers, indicating that these devices have been compromised with backdoors in a cyberattack. This situation could potentially be exploited for future botnet creation. The affected ASUS router models include the RT-AC3200, RT-AC3100, GT-AC2900, Lyra Mini, and RT-AX55.

GreyNoise has highlighted vulnerabilities associated with authentication bypass and command execution, specifically citing CVE-2021-32030 and CVE-2023-39780. In response, ASUS has swiftly released firmware patches to address these issues. However, users are urged to exercise caution. If their routers were compromised prior to applying the update, they should first restore the devices to factory settings and reconfigure them. Additionally, users should thoroughly inspect the TCP/53282 port and the authorized_keys file to ensure that any backdoors are completely eliminated.