Tech Stocking Stuffers: 18 awesome gifts under $50

Asus routers exploited, connected drives easily accessed

By Scorpus ยท 13 replies
Feb 17, 2014
Post New Reply
  1. Hackers have exploited an eight-month-old flaw in Asus routers, giving anyone access to data stored on drives connected directly through the USB port on the back. Some affected users have found text files on their connected drives informing them they've...

    Read more
  2. misor

    misor TS Evangelist Posts: 1,272   +241

    What did asus say after "the non-issue" was proven to be false?
    did asus issue an apology before the release of the firmware fix?
    did kyle Lovett found the new asus firmware to fix the vulnerability he discovered?
  3. tipstir

    tipstir TS Ambassador Posts: 2,426   +112

    Never use this brand for Routers. I stick with Network companies who know what they're doing. ASUS has way to many unfinished firmware.
  4. That screenshot is from elementary os :)

    use firmware other than the one supplied by the manufacturer, and you should be safe.
  5. TomSEA

    TomSEA TechSpot Chancellor Posts: 2,680   +761

    I've been using the Asus RT-AC66U for over a year now and it's been rock solid in its performance. Prior to that I had a Linksys was turned out to be a piece of crap and prior to that a NetGear which gave me inconsistent performance.

    Until something changes, I'll continue to use ASUS routers.
  6. Recently purchased an RT-N16 to replace my aging and sadly modern-day underpowered WRT54GSv1 and the first thing I did was install Tomato Toastman on it because the stock firmware is absolute crap, just like linksys' stock firmware is/was.

    anyone who doesnt know this deserves to get hacked imo.

    NTAPRO TS Evangelist Posts: 809   +102

    Last edited: Feb 20, 2014
  8. Capaill

    Capaill TS Evangelist Posts: 422   +160

    Wow, thanks for this TS. I've been a happy owner of an RT-N66U for a year and had no idea. Thankfully I have nothing plugged into the USB ports. I thought disabling WPS would make it secure enough! :) Any other network hardening tips?
  9. bexwhitt

    bexwhitt TS Guru Posts: 337   +67

    The one I got for a local business as external access set to specific ip's and the password has been changed
  10. customcarvin

    customcarvin TS Enthusiast Posts: 103   +8

    Wow congratulations, you read about flashing firmware onto a router that someone else coded and compiled for you... you should feel superior to everyone else.I think you might even be borderline genius...

    I also use a Tomato build (Shibby) on my ASUS routers, but saying a person - especially the average consumer - "deserves to get hacked," because they use stock firmware, or they don't know about a vulnerability in their routers current firmware, is just plain freaking stupid. I'm pretty sure you're just trolling, but I decided to call you out on it anyway... stupid.
    Last edited: Feb 18, 2014
    SantistaUSA likes this.
  11. ddg4005

    ddg4005 TS Guru Posts: 383   +54

    Well, I'm using the stock firmware that came with my RT-AC68R but I did update it recently so I'm not worried (I also don't use any external drives with the USB ports). Calling people stupid because they use stock firmware with their routers is just a weak man's attempt to sound strong and knowledgeable.
    Last edited: Feb 19, 2014
    SantistaUSA likes this.
  12. And to add to retorts towards said trolling guest that people who don't know... deserve what they get.

    So you know about flashing firmware files... yay.

    Do you know about code ? Do you know what you just flashed ? Did you do the md5 checksum? Are you 100% sure that the people making these CFW for your appliances are not putting little backdoors in ?

    Are you sure you are safe ?

    I mean if someone wants in, and they know what they are doing, they will get in. Your firmware flashing may fix this exploit, and you may have closed a wide open door... but did you check your windows ? Is someone under your bed right now in your documents lolling?
    SantistaUSA likes this.
  13. tonylukac

    tonylukac TS Evangelist Posts: 1,366   +67

  14. Victim

    Victim TS Rookie

    I own a RT-56U router that had a USB drive compromised. I check for updated firmware every month. Someone browsed personal photos and videos and left inappropriate messages on the drive for me to find. I blame ASUS and Kyle Lovett for this breach. ASUS makes a fine product, but really screwed up with the security oversight. Then they arrogantly ignored several warnings from the then well intentioned Mr. Lovett. However, I think Mr. Lovett is equally irresponsible for publishing the details on how to exploit the vulnerability. Is this a way for Mr. Lovett to get attention from ASUS and the world by throwing people under the bus? I equate that to discovering a national security flaw and then divulging exploitation details to the rest of the world, including terrorists, after efforts to notify the authorities are overlooked or ignored.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...