Asus routers and Russian virus

I've read a couple reports today about some new Russian virus called Cyclops Blink that is targeting Asus home routers and this was apparently picked up by Trend Micro.

There is one such article here https://www.bleepingcomputer.com/news/security/asus-...

I have an aged Asus router stored in the loft as a backup, but I am still curious about this. My TP-Link router has Trend Micro security as an option, however I turned it off recently, because it has become such a pain due to flagging nonsense like FTP uploads as a threat and therefore dragging connections to a crawl until the router is restarted.

Any thoughts generally on this question of Russian meddling hitting home users given the situation in Ukraine? I am guessing it is related.

As a quick follow up it strikes me as odd that Asus routers are apparently being targeted, even though it is well known that they have Trend Micro included. Why not other brands?

Along similar lines I see various governments are now warning of potential risks using Kaspersky anti virus software, which has ties to Russia. https://techcrunch.com/2022/03/15/germany-kaspersky-...

Edited by charlestown (Mon 21-Mar-22 14:57:51)

In reply to a post by charlestown:

As a quick follow up it strikes me as odd that Asus routers are apparently being targeted, even though it is well known that they have Trend Micro included. Why not other brands?

My guess would be they target them because it is easy for them to do so? It's well known that most home routers do not exactly have the best security.

I posted on this a few weeks ago and have removed Kaspersky Internet Security from all our community group computers. After seeing Russia's claims that the "Ukrainian Nazis" are shelling and bombing their own cities I don't believe any of their authorities or companies.

The idea of a Russian software company scamming the bank accounts of millions of private citizens -- never mind companies -- might once have seemed something from a Len Deighton novel. Not any more.

I have to agree; nothing seems beyond possibility at this point. My wife is Ukrainian and her whole family are still trapped out there, but you certainly cannot call it safe. Frankly the news coverage is sugar coated for public consumption.

Her parents are now at a country dacha to the east of Kyiv. They are under permanent curfew for their own safety living in the basement and not allowed to leave the house. A few days ago a neighbour in the village tried to make a dash towards the west with his 16 year old son and both were dead within minutes. My wife's brother remains in Kyiv to defend the city.

Personally I'd run a mile from anything associated with Russia, especially security related for the computer.

The advice in the article will provide protection against most threats.

- Update to the latest available firmware.
- Ensure the default admin password has been changed to a more secure one.
- Disable Remote Management (disabled by default, can only be enabled via Advanced Settings).

In reply to a post by Zadeks:

The advice in the article will provide protection against most threats.

- Update to the latest available firmware.
- Ensure the default admin password has been changed to a more secure one.
- Disable Remote Management (disabled by default, can only be enabled via Advanced Settings).

It was suggested recently that admin should not be a userid. Rather there should be a different userid with full admin access.