Security News > 2022 > March > ASUS warns of Cyclops Blink malware attacks targeting routers
Multiple ASUS router models are vulnerable to the Russia-linked Cyclops Blink malware threat, causing the vendor to publish an advisory with mitigations for the security risk.
Cyclops Blink is a malware linked to the Russian-backed Sandworm hacking group that has historically targeted WatchGuard Firebox and other SOHO network devices.
The role of Cyclops Blink is to establish persistence for threat actors on the device, allowing them a point of remote access to compromised networks.
Because Cyclops Blink is modular, it can be easily updated to target new devices, constantly refreshing its scope and tapping into new pools of exploitable hardware.
In a coordinated disclosure, Trend Micro warned that the malware features a specialized module that targets several ASUS routers, allowing the malware to read the flash memory to gather information about critical files, executables, data, and libraries.
RT-AC1900P, RT-AC1900P firmware under 3.0.0.4.386.xxxx.
News URL
Related news
- Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader (source)
- ASUS warns of critical auth bypass flaw in routers using AiCloud (source)
- ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware (source)
- New Android malware steals your credit cards for NFC relay attacks (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks (source)
- SK Telecom warns customer USIM data exposed in malware attack (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
- Malware Attack Targets World Uyghur Congress Leaders via Trojanized UyghurEdit++ Tool (source)
- Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks (source)