Malware damaging ASUS routers?

[imardevries]

Indeed what I started thinking, so I did a reset just now and managed to gain access via the web GUI; after uploading old backup settings it now seems to work just fine, WiFi and all. I immediately shut down AiCloud. Interestingly, I saw I already had the router running on the latest firmware (https://www.snbforums.com/threads/asus-rt-ax82u-firmware-version-3-0-0-4-388_25017-2024-11-18.92963/), so perhaps that saved it from disaster after acess was gained via AiCloud...?

 

[iFrogMac]

Indeed what I started thinking, so I did a reset just now and managed to gain access via the web GUI; after uploading old backup settings it now seems to work just fine, WiFi and all. I immediately shut down AiCloud. Interestingly, I saw I already had the router running on the latest firmware (https://www.snbforums.com/threads/asus-rt-ax82u-firmware-version-3-0-0-4-388_25017-2024-11-18.92963/), so perhaps that saved it from disaster after acess was gained via AiCloud...?

possible your issue wasn't related to malware, if you had already patched the router, and it just needed a factory reset.

 

[imardevries]

I am very much puzzled because I *was* locked out of my router with the identified malware-related message saying more than 10 wrong username/password attempts had been registered, while I had not tried to do anything of the sorts. Also, having shut down AiCloud it still pops up as a service the router seems to be running when checking via Shodan (albeit with a 401 Unauthorized status, mentioning lighttpd/1.4.39 as the server) -- or is this a mislabeled flag that actually says Web Access from WAN is active (due to the Asus Router app)?

 

[myol]

Can anyone recommend or link to the latest method of performing a nvram dump (and restore?)

I came across this thread but the last comment by RMerlin is that it no longer works with recent releases. Is there a newer method?

 

[ColinTaylor]

Can anyone recommend or link to the latest method of performing a nvram dump (and restore?)

I came across this thread but the last comment by RMerlin is that it no longer works with recent releases. Is there a newer method?

Use the option in the webUI.

Administration - Restore/Save/Upload Setting: Save setting / Restore setting

 

[Ripshod]

If you have ssh enabled login via ssh and issue the following command

nvram dump > dump.txt

Then just download the dump.txt file. That's your backup of everything in nvram, but it shouldn't ever be restored to the router as it is. It's directly readable and then info you need to restore can just be entered in the normal way.

 

[Mittenz]

Two AX11000 dead wifi after factory restore.

What now? Leave asus forever for another brand?

 

[Ripshod]

Two AX11000 dead wifi after factory restore.

What now? Leave asus forever for another brand?

Latest asus firmware may just bring them back to life

 

[Tech9]

Latest asus firmware may just bring them back to life

It did bring them back and in super hero mode.

Frimware Broke Router - 2.4ghz now showing channels 1 - 14; both wifi 5 showing 36 - 165. Help!

Reset Button, WPS reset method, GUI reset - nothing is fixing my router anymore. Since upgrading to the new merlin, my wifi is no longer showing 2.4, 5_1, 5_2, im stuck and unsure what do to anymore. I think the frimware broke the router somehow, as the 5_2 is now showing 160mhz in settings...

www.snbforums.com