The file is being planted by exploiting a security hole in the devices
Last week, we informed you that Asus released firmware updates for a number of router models. It turns out that some hackers are leveraging the security holes fixed with the new firmware to send out a text file to the owners of affected devices warning them of the risks.According to Ars Technica, a user found a mysterious text file on his external hard drive. The file contained a message that read, “This is an automated message being sent out to everyone effected. Your Asus router (and your documents) can be accessed by anyone in the world with an Internet connection.”
The individuals responsible for sending out the files also instruct users to read an article that contains information on how to protect themselves against attacks that leverage a vulnerability in their routers.
On February 4, someone published a list of close to 13,000 IP addresses reportedly associated with vulnerable Asus routers. Lists containing the names of files stored on the hard drives of impacted users have also been published online.
The existence of the vulnerability was revealed by security researcher Kyle Lovett in June 2013. He had made his findings public after being told by Asus that “it was not an issue.”
Later, Asus promised to address the problem, but since the company failed to warn customers, Lovett published additional technical details, along with ways to mitigate potential attacks.
The list of affected routers includes RT-N66R, RT-N66U, RT-AC56U, RT-N56R, RT-N56U, RT-N14U, RT-N16, RT-N16R, RT-AC66R and RT-AC66U. Owners of these models are advised to update their firmware as soon as possible since this is clearly a critical vulnerability.
It appears that Asus has released firmware updates for all of the impacted models. You can download the latest firmware variants for Asus routers from Softpedia.