What's new

Malware damaging ASUS routers?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

It’s about time. Two more people reported damaged RT-AX86U routers today. The most affected model will be updated last for unknown reasons. 🧐
Imho one of the factors slowing down the release of fixes for these devices seems to be the inherent 'fragility' of the HND architecture (CFE erase etc) they use, which makes actual damage possible. My two cents.
 
There are many HND platform routers, not just this one. EoL RT-AC86U got an update before RT-AX86U.
 
There are many HND platform routers, not just this one. EoL RT-AC86U got an update before RT-AX86U.
Yes, I’m aware there are other models technically part of the HND family, but if I understand correctly, there are various revisions of the platform.

Perhaps some revisions are affected, while others aren’t.

Just speculation for now.
 
I have a new unboxed ax86u pro .... is the pro included in this malware issue.

Was hope in to replace my current ac86u and have merlin firmware on the new router.
Now thinking should I send it back :(
concerned
 
I have a new unboxed ax86u pro .... is the pro included in this malware issue.

Was hope in to replace my current ac86u and have merlin firmware on the new router.
Now thinking should I send it back :(
concerned
pro is patched.

 
is that just for asus stock firmware, or both for merlin many thanks jbennett360 :)

Like to use merlin firmware
It is both. Asus posted updated firmware on 2024/11/06 that contained a fix for AiCloud. RMerlin posted updated Asus-Merlin release version firmware this past Sunday that contains a fix for AiCloud.

Been running the 3004.388.8_4 on a RT-AX86U Pro since Sunday without issue.
 
Something is happening: everything has disappeared from the firmware page of the RT-AX86U 🤔

1000073515.jpg
 
Something is happening: everything has disappeared from the firmware page of the RT-AX86U 🤔
Seeing the same for the Asus Global site.
https://www.asus.com/networking-iot...s?model2Name=RT-AX86-Series-RT-AX86U-RT-AX86S
If I hit the "Swtich to US website" button while on that page it it now goes to a "We'll be back" page. https://dlcdnwebsites.asus.com/maintain/web/500.html
This link however still works and shows the May firmware.
https://www.asus.com/us/networking-...s-gaming-routers/rt-ax86u/helpdesk_knowledge/
Asus is probably in the midst of updating pages and information so some pages are loading funky. Or there is some issue with routing or caching.
 
I could not log in to the RT-AX86U with my saved credentials, even after a reboot. After pressing the reset button, the router’s wireless functionality stopped working. I attempted a hard factory reset and used the Firmware Restoration tool, but the problem persists. Then a “country code error” also appears in the web GUI. I found out other posts mentioned the malware infections could corrupt or delete the manufacturing partition (mtd10), which has caused wireless functionality to fail and resulted in a "country code error."

I have received confirmation from ASUS that they are aware of this issue and have already implemented a fix. It has been confirmed that my Router cannot be repaired through a software upgrade. ASUS suggested that users contact customer service to request product repair services.
 
I’m not sure what fixes they’ve implemented, it seems the firmware still hasn’t been updated. In my case, my router is already out of warranty. However, I’ve already received an RMA and will provide an update once I hear back from the repair center.
 
I’m not sure what fixes they’ve implemented, it seems the firmware still hasn’t been updated. In my case, my router is already out of warranty. However, I’ve already received an RMA and will provide an update once I hear back from the repair center.

They released a signature update that automatically detects and removes related processes or malware.

The signature update is applied through the router's underlying software and does not require a firmware update.

However, it is not a permanent solution and may require further actions, such as a firmware update, to definitively address the issue or vulnerability.
 
They released a signature update that automatically detects and removes related processes or malware.

The signature update is applied through the router's underlying software and does not require a firmware update.

However, it is not a permanent solution and may require further actions, such as a firmware update, to definitively address the issue or vulnerability.
Is there a way to know if the signature update has been downloaded, and applied? The firmware update says it's current, and I don't have AI Protection enabled, or any of the AI related functions. My RT-AX86U hasn't gotten infected, so I am simply curious as to if there is a way to know for sure the router has downloaded the update and done scans.
 
What @giosita is talking about is ASD file update. Different than Trend Micro signature update on Firmware Update page.
 
Thanks, I think I'll just wait for a firmware update. I am not familiar with ASD updates since I've never done one, that I know of. I looked it up and the info I got said to get it from the Asus support page for the router model under Drivers and tools for Asus Live Updates. According to the support site, it's only available for windows downloads, or A GPL dated September of this year. So based on that info, it doesn't look like I could apply ASDs with a mac, unless I'm missing something here and they can be uploaded to the router like a firmware update. Either way, maybe Asus will also release new firmware, it sounds like this is more of a band-aid than a real fix anyway.
 
Newer firmware versions have Security Update switch on Firmware Update page. This is what updates ASD. Needs data sharing agreement to Asus.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top