Asus Vulnerability Warning
A couple of recent news items involving hackers and a series of popular routers caught our attention, and we’d like to tell you how FlashRouters can keep you safe from these all-too-common attacks and firmware security holes.
A Spate of Recent Router Hacks
This is not the first time similar firmware issues linked to the insistence of including cloud applications within a router have appeared. Including cloud-based activities like Asus’ AiCloud with limited security at the base of your network is not recommended as it opens up not just an individual device bu the entire network to major possible security cracks and damage. While not included in this story, Netgear and D-Link are also not innocent of similar firmware issues. They both have had very serious similar issues in the very recent past.
To start with, researchers have found a malicious worm that has affected at least a thousand different home and small office Linksys routers, including the E1000, the E1200, and the E2400. Johannes Ullrich of the Sans Institute described the depth of the issue in a recent blog post, which detailed the worm’s method of attack, and the ways in which the worm self-replicates by taking advantage of code-execution vulnerability in the device’s original firmware.
Then there was an Asus firmware vulnerability: only a few days after the Linksys exploit revelation, a researcher named Kyle Lovett publicly exposed a major vulnerability in a number of heavy-duty Asus routers and their faulty firmware. In fact, the image above is of an anonymous message that reached at least one Asus user with this very same firmware vulnerability, warning users that the exploit leaves them open to hacking by “anyone in the world with an internet connection.”
Lovett was only moved to publish the exploit after he privately contacted Asus with the information. The router company dismissed the problem as “not an issue”, a dismissal with which Lovett evidently disagreed. According to Ars Technica, potentially affected routers include the “RT-AC66R, RT-AC66U, RT-N66R, RT-N66U, RT-AC56U, RT-N56R, RT-N56U, RT-N14U, RT-N16, and RT-N16R.”
DD-WRT & Tomato Linksys/Asus Routers Security Fixes
Asus RT-AC66U Upgraded Features
These particular stories made us sit up and take notice, because there are a few routers listed as vulnerable that are included in our line, such as the Linksys WRT1900ACS/AC v2. The difference, of course, is that the hackable versions of these routers have not been flashed with DD-WRT or Tomato firmware. The main reason for this hardware’s ability to be exploited is the faulty firmware and denying that these manufacturers are claiming.
The cure for what ails this fine networking hardware is to ideally replace the firmware they include with it. While some of the features and the ease-of-use may be nice, it is not worth the continual issues and security concerns. And that is where we come in.
At FlashRouters, we get our name from this very process; we take powerful routers (vulnerable as they may be before we upgrade them, as the above-linked articles demonstrate), and super-charge their versatility, making them not just capable of running faster, but of keeping your network completely secure. Top-quality replacement firmwares like DD-WRT and Tomato give users the ability to extend their wireless range and control how their bandwidth is allocated, but more importantly, they give users access to a wide range of advanced security options. They even make VPN usage much simpler.
Exploits like those documented above are increasingly prevalent, and worth the extra effort that goes into preventing them. Fortunately for you, FlashRouters is willing to put in the effort so you don’t have to. All you have to do is find the right router for you.
Check out our recent best-seller’s of 2014 list and see if anything on there appeals to you, though we’ve added a pair of crazy powerful routers in the last month that might win the day: the Netgear R7000 DD-WRT Nighthawk and the Linksys 3200ACM DD-WRT FlashRouter. If this is the final straw that breaks the camel back for you, we are more than ready to make sure your next networking device is even more secure while leaving firmware security holes as a thing of the past.
Want more information and news about online privacy/safety and firmware security flaws? Make sure to follow us on Twitter and/or like us on Facebook.