paliyoes
Occasional Visitor
160hzIf the router is set to US the list of available channels shown in post #256 is incorrect. What's the channel bandwidth set to?
160hzIf the router is set to US the list of available channels shown in post #256 is incorrect. What's the channel bandwidth set to?
1. Does this look like a malware issue or could it be a router glitch?
Thanks for the quick reply! What are your thoughts on the Oct 10-14 values? Coincidence that those high values ended after changing my password? I did also turn off my (very rarely used) OpenVPN server at the same time I changed my password.RouterTraffic Monitor glitch.
Hard to say. Your previously reported symptoms don't sound quite the same as the malware described in this thread.Thanks for the quick reply! What are your thoughts on the Oct 10-14 values? Coincidence that those high values ended after changing my password? I did also turn off my (very rarely used) OpenVPN server at the same time I changed my password.
Thanks again for your time. I'm going to call this a win and skip the reset and reconfigure.Hard to say. Your previously reported symptoms don't sound quite the same as the malware described in this thread.
I have had a very long history with my GT-AXE16000 having the same issues, except the radios. I have MULTIPLE open tickets since my purchase of qty 2 back in Feb 2024. The first issue was performance issues, stuttering streaming games (Nvidia Shield) and streaming services, all of them, including Netflix OVER ETH - not wireless.It all started with multiple reports of unidentified upload traffic registered in Traffic Monitor. Suspected point of entry is AiCloud. People disabling it and resetting their routers or changing passwords reported back to normal operation. Then reports of routers with changed admin access credentials and broken radios started coming in. The radios stop working after the user resets the router in an attempt to restore admin access.
@CrashXRu - "Over the last week I have restored more than 4 routers with such problems"
@ColinTaylor - "Same here. On Monday alone five different people contacted me with this problem."
@ColinTaylor - "I wonder if Asus are even aware there's an issue - Yes they are."
@CrashXRu seems to know more details about it, Asus has been notified and investigating the issue as far as I understand.
"it's the same thing, the first symptoms of the problem are
*high CPU load
*incoming or outgoing traffic
*the appearance of foreign processes, for example Sofia
* last stage loss of factory configuration"
"all models on HND suffer
there is a serious bug that Asus ignores
After long discussions, support responded that this is how it should work, although they also agreed with the unsafe method
I gave an example of different firmware versions where everything was fine, and then they broke these mechanisms
that is why factory data is lost
so far the most affected are RT-ax86u/s"
"I have already created several tickets, with a full description of the problem, and also referred to my report in 2022, about an error in the logic of working with the factory configuration. I hope this will help fix both problems : hacking and data processing error"
The quotes above are taken from discussions linked in the first post. I had a bait RT-AX86U model router running exposed for about a week, but couldn't catch anything on it. My goal was to investigate the upload traffic. I personally didn't know about the permanent damages it is doing. Due to changes in my ISP and system I can't expose it with public IP though and seems like it's more protected in DMZ or needs more time or actual user activity. What I can assist with at this point is extracting configuration files from a working RT-AX86U if needed.
Two more people reported damaged routers yesterday, new forum members seeking eventual help restoring their routers.
Models with unidentified upload traffic mentioned in SNB Forums reports so far:
RT-AX86U
RT-AX88U
GT-AXE11000
Models with damaged radios after reset mentioned in SNB Forum reports so far:
RT-AC86U
RT-AX56U
RT-AX82U
RT-AX86U
RT-AX86S
TUF-AX5400
Whoever reads this - lock your Asus router down immediately with no services exposed to Internet whatsoever and wait for eventual Asuswrt firmware update addressing the issue. Otherwise you may end up with damaged router! The reports we see are only small % of affected routers since only small % of Asus users participate in online forums and not every consumer product user can actually do initial troubleshooting to identify the issue.
my problems started there until I realized the problem wasnt going away - the issues was large outbound traffic that created poor performance streaming large amount of data. My output - transmitting of data was compounding the performance issues, very large jitter and much reduced use of bandwidth. The issue stemmed from using AICloud - the android app, and needed to reset the devices using the WPS reset method and a loading up of Merlins firmware, which wouldnt allow me to use the AIcloud android app, which was allowing access and a large amount of data going out. Suffice to say the AX line is susceptible to the MITM AIcloud attack, support was looking at the internal switch performance using 10G - however it was only part of the symptoms.Most likely your performance issues are unrelated to the malware discussed in this thread.
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!