What's new

Malware damaging ASUS routers?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

The various MAC addresses associated with the different interfaces might be easy to retrieve, but if you notice, the backup settings also include the radio calibration values, which, as I understand, are specific to each INDIVIDUAL model produced. I assume Asus has a database they can rely on, based on the serial number, to restore all models affected by the issue. That’s good news, at least they’re actively working on the problem.

EDIT: However, it would be nice to know WHAT caused the issue, specifically if and which vulnerabilities or malware are involved in this....
 
Last edited:
you are very wrong individual settings are made at the factory and they depend on the radio module

in fact, you can use the default ones, you will not notice a big difference, BUT this will be true if you have one router, and if 3-4 then this will create additional interference
 
you are very wrong individual settings are made at the factory and they depend on the radio module

in fact, you can use the default ones, you will not notice a big difference, BUT this will be true if you have one router, and if 3-4 then this will create additional interference

Yes, I think we’re saying similar things, namely that each radio module has its own specific calibrations BUT they are done at the factory (by the wireless module manufacturer, e.g., Realtek, Qualcomm, etc.) and not by Asus, correct 🙃?
 
not by Asus, correct 🙃?
Tuning of radio modules is performed by ASUS.
Firmware updates bring updates of some parameters, which are calculated mathematically based on the current value.


TPLink does not have individual settings, all settings are in the firmware, the firmware version determines which settings you will use for the radio module.
 
also about how to work with the factory configuration, using 2 applets without the need for direct contact, which increases security.
Did they mention about how soon they will release the restore utility?
In my case, when I used firmware restore utility, it created the partition but it is empty, I have on backup from the router, is there any pointer that explain how to restore those setting in that partion, mtd10 partition is empty on AX88U not but getting partial setting from NVRAM..
I was on Merlin firmware before I downgraded all the way to the first version then puff, router specific factory setting was gone..
thanks
 
The various MAC addresses associated with the different interfaces might be easy to retrieve, but if you notice, the backup settings also include the radio calibration values, which, as I understand, are specific to each INDIVIDUAL model produced. I assume Asus has a database they can rely on, based on the serial number, to restore all models affected by the issue. That’s good news, at least they’re actively working on the problem.

EDIT: However, it would be nice to know WHAT caused the issue, specifically if and which vulnerabilities or malware are involved in this....
No, it's not a model specific thing, it's a unit specific thing. Yes, there's a set of common parameters, but the calibration is per unit produced. None of this is user accessible.

Yes, I think we’re saying similar things, namely that each radio module has its own specific calibrations BUT they are done at the factory (by the wireless module manufacturer, e.g., Realtek, Qualcomm, etc.) and not by Asus, correct 🙃?
That's not how it works. The radios are tuned on each router during manufacturing.
That said, modern Wi-Fi radios are as far as I understand it, much easier to tune, due to better hardware/software and it goes a lot quicker than it used to do, even on something like an 802.11ac router.
Router manufacturers don't buy ready made modules from Qualcomm, MTK, Broadcom or Realtek, they buy chips, as the cost is a lot lower and if a router is using a module, it's made by the router company or their manufacturing partner.
And yes, I used to work for a router manufacturer and exactly zero of our products used any kind of modules, everything was designed and built in-house.
 
you are very wrong individual settings are made at the factory and they depend on the radio module

in fact, you can use the default ones, you will not notice a big difference, BUT this will be true if you have one router, and if 3-4 then this will create additional interference
No, this is not correct either, each router has to be calibrated at the factory and they're tuned to work with the specific antennas as well, since sometimes the same PCB is used in different router models and different antennas are used and the WiFi radios have to be tuned specifically for the antenna they're paired with, as otherwise the won't pass certification.
 
No, this is not correct either, each router has to be calibrated at the factory and they're tuned to work with the specific antennas as well, since sometimes the same PCB is used in different router models and different antennas are used and the WiFi radios have to be tuned specifically for the antenna they're paired with, as otherwise the won't pass certification.

Was thinking about this - what if the RFCal values were nuked...

How to recover devices in the field?

As you know, the factory records everything, so the median and mean averages for RFCal are known, so one could generate a ballpark set of values to rewrite the RF cal values in the field...

From an FCC and EU-RED perspective - over in unlicensed space, once the radio is certified, there's a fair amount of latitude... obviously if we change something in the radio on a design view, we have to submit a permissive change request (which is usually approved)...
 
There will be no utilities, if they decide to do this, it will be automated in the firmware.

A complete recovery method for service centers, for users this should not be.

I noticed that something changed in one of the firmwares, I can’t say exactly where it happened. BUT

The client has a damaged router, flashed the latest stock firmware, saw an error. Flashed the last Merlin with a reset of the settings and the router turned on Wi-Fi, the MAC addresses are incorrect, but the device works.

This is exactly the method I described earlier, as the primary restoration of the device to a working state, but requiring intervention from the Service Center to restore the MAC address
 
My AX86U has country code error and no wifi can be detected. It was resolved after firmware update to 3.0.0.4.388_24323 (released 2024/11/28)
 
My AX86U has country code error and no wifi can be detected. It was resolved after firmware update to 3.0.0.4.388_24323 (released 2024/11/28)

Interesting first report... ASUS did not mention this in the release notes. :rolleyes:

OE
 
My AX86U has country code error and no wifi can be detected. It was resolved after firmware update to 3.0.0.4.388_24323 (released 2024/11/28)

Same here! I was going to get ColinTaylor to help me but after the firmware update, I realised the error is gone, and I could use the wifi with no issues anymore! I posted the details in another thread here:

 
Last edited:
Well, I don't what Asus did, but my router is now illegal in europe:

1733146370516.png


149 Band is forbidden in UE
 
Well, I don't what Asus did, but my router is now illegal in europe:

View attachment 62747

149 Band is forbidden in UE
I thought the UK regulations were the same as the EU. I've had UNII-3 channels as long as I've used this current router. Before that though I did force UNII-3 through an nvram hack that eventually screwed the router up.
 
Last edited:

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top