Routers compromised by recent Russian military attack


Senecio

The UK Government and Microsoft have identified a recent attack which compromises DNS settings on vulnerable routers. The router singled out is a TP-Link model. A lot more details here: Russian hacking group targets home and small office routers to spy on users
It appears that home users who don't "work from home" (i.e. log into work systems) are unlikely to be targeted. The intention is to target businesses. Nevertheless, it is probably worth checking DNS security on your device, especially if you have the TP-Link model mentioned.
One place you can test your router is here: Test Your Router - RouterSecurity.org

John
 

It is going to get much worse. Routers are being targeted now more than ever. I don't agree with the banning of router sales in the USA, but I would hope to see stricter security and robust firmware updating across the brands that make routers. They also need to be independently verified and pen tested.

To my knowledge, the only brand of router that has yet to have an actively ongoing full public exploited breach in the wild is Peplink.
 

I have an Asus router, and that model was definitely targeted last year. Thousands of Asus routers are being hit with stealthy, persistent backdoors
The usual caveats of changing the admin password when setting up the router and keeping its firmware updated are usually the best strategy for a home user. One of the websites I reviewed when researching this post recommended buying a new router with Wi-Fi 7. That sounds like a good excuse for some of us to buy some shiny new hardware!
 

If you live in the USA it is a terrible time to buy a router, as almost all models purchased will end update support by March 1, 2027.

I have an Asus router as well. They have plenty of vulnerabilities, but Asus does seem to patch them quickly. The main advantage of Asus routers, though, is the custom Merlin firmware, which is much more secure.
 

I consider the router as the enemy; I try to be as disconnected from it as possible.
Luckily, DNS in the router does not matter much: Browser > Windows > router.
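
Added example, not part of any post in this thread: a client-side version of the DNS check suggested in the first post, which also shows where the resolver order mentioned in the last post leaves the router in the path. It reads a resolver list in resolv.conf format and flags addresses outside a list you expect; the sample file, the `EXPECTED` list and all function names are assumptions constructed for illustration.

```python
import ipaddress

# Addresses that mean "this host or a device on my own LAN" (typically the router).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

# Constructed sample in resolv.conf format, not captured from a real host.
# 203.0.113.53 is a documentation-range address standing in for an unknown resolver.
SAMPLE = """\
# constructed sample
search lan
nameserver 192.168.0.1
nameserver 9.9.9.9
nameserver 203.0.113.53
"""
EXPECTED = ["9.9.9.9", "1.1.1.1"]  # assumption: the resolvers you chose yourself

ADVICE = {
    "local": "forwarder on this host or LAN; check its upstream there (router admin page)",
    "expected": "matches a resolver you chose",
    "unexpected": "not on your list; find out what set it (DHCP from the router?)",
    "invalid": "not an IP address",
}

def parse_nameservers(text):
    """Return the nameserver addresses listed in resolv.conf-format text."""
    servers = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split(";", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def classify(server, expected):
    """Classify one resolver address; `expected` is a set of ip_address objects."""
    try:
        addr = ipaddress.ip_address(server.split("%", 1)[0])  # drop IPv6 zone id
    except ValueError:
        return "invalid"
    if any(addr.version == net.version and addr in net for net in LOCAL_NETS):
        return "local"
    return "expected" if addr in expected else "unexpected"

def audit(text, expected_resolvers):
    """Map each configured nameserver to its classification."""
    expected = {ipaddress.ip_address(e) for e in expected_resolvers}
    return {s: classify(s, expected) for s in parse_nameservers(text)}

if __name__ == "__main__":
    for server, verdict in audit(SAMPLE, EXPECTED).items():
        print(f"{server:15} {verdict:10} {ADVICE[verdict]}")
```

To check a real Linux host, pass the contents of `/etc/resolv.conf` to `audit()`. On distributions that use systemd-resolved the file normally lists only the stub at 127.0.0.53, which is reported as local; `resolvectl status` shows the upstream servers behind it.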
 
