ASUS Routers Compromised: Models Impacted and How to Check If Your Device Is Infected

By 5G News, 5G Router
Asus Routers Compromised

Thousands of ASUS Routers Compromised. Here Is What You Need to Know and How to Check Your Device

There is a major security alert circulating in the networking world right now. Thousands of ASUS routers have been compromised by a coordinated and highly targeted cyber campaign believed to be backed by a foreign government. At 5Gstore we want to help you understand what is happening, whether your hardware is impacted, and what steps you can take today to protect your network.

This is an educational overview written in the same tone you see across all 5Gstore posts. No technical fluff. No panic. Just clear steps you can follow right now.

What Happened

Security researchers discovered a large number of ASUS routers that were taken over through known but unpatched vulnerabilities. These vulnerable routers were then placed into a hidden network controlled by the attackers. This allows the attackers to use the routers however they want such as relaying traffic, hiding activity, or performing long term monitoring.

The most concerning detail is that these attackers are not using brand new vulnerabilities. They are exploiting older and already documented issues on devices that never received updates or reached end of life. In short, outdated firmware has once again proven to be a very real risk.

The ASUS Models Known To Be Affected

If you own one of the following routers, treat this as a high priority item. These models have been identified as vulnerable targets in the campaign.

  • ASUS 4G AC55U
  • ASUS 4G AC860U
  • ASUS DSL AC68U
  • ASUS GT AC5300
  • ASUS GT AX11000
  • ASUS RT AC1200HP
  • ASUS RT AC1300G Plus
  • ASUS RT AC1300UHP

This list is likely not complete. The attackers focused on ASUS WRT based firmware. Other ASUS models in the same family could also be at risk if they have outdated firmware or open remote access settings.

If your router matches any of these models it is important to check it immediately.

How To Check If Your ASUS Router Is Infected

Below is a 5Gstore style checklist you can follow right now. None of this requires any special tools.

Step 1: Log In To Your Router

Open a browser and go to:

Log in using your admin credentials. If you still use the default password, that is already a major issue. Change it immediately.

Find the model number and the firmware version. Compare your model to the impacted list above.

If your firmware is old or your router is no longer receiving updates from ASUS, you are in a high risk zone.

Step 2: Look For A Suspicious Certificate

One of the unusual signs of this attack is a self signed certificate that lasts roughly a century. You can check this in the settings where HTTPS management is configured. If you see a certificate with an expiration date far in the future, such as decades from now, treat that as a red flag.

Step 3: Review Remote Access Settings

Many infections occur because remote management was left open.

Check for the following and make sure they are turned off unless absolutely required:

  • Remote Administration from the internet
  • ASUS cloud features you do not actively use
  • Telnet or SSH access
  • Open ports or port forwarding rules you did not create

If something is enabled and you do not recognize it, turn it off.

Step 4: Update Firmware

Go to the firmware update page on the router and check for the latest version. If your router is end of life and has no available updates you should seriously consider replacing it. Old firmware is the most common way attackers get in.

Step 5: Consider a Factory Reset

If you believe your router is compromised:

  1. Save your settings
  2. Factory reset the router
  3. Install the newest firmware available
  4. Rebuild your configuration with a clean password
  5. Avoid restoring old backups if possible

Step 6: Watch For Strange Behavior

After you clean or update the router keep an eye out for:

  • Slow internet when nothing is in use
  • Unknown devices on your network
  • Log entries showing odd external access
  • Features running that you never enabled

If you still see suspicious behavior, the router should be replaced.

5Gstore Guidance

Here is our straightforward recommendation based on what we see across thousands of customers.

  • If you own one of the listed models and it is running outdated firmware, replace it.
  • If your router is end of life and cannot be patched, replace it.
  • If you need remote access, use strong passwords, current firmware, and disable everything you do not use.
  • If this is your business network or you handle sensitive information, treat a suspected compromise with maximum caution.
  • If you want to upgrade to a more secure platform we can help with WiFi 6 and WiFi 7 capable routers, cellular routers, or multi WAN hardware designed for real protection.

Even home networks today have dozens of connected devices. Keeping your router updated and secure is the single most important part of that environment.

Final Thoughts

This attack is a reminder that consumer routers are now attractive targets for serious threat actors. The attackers do not care whether you are a home user or a small office. They care that your router is easy to compromise.

That is why firmware updates, strong passwords, and proper network settings matter so much.

If you have one of the affected ASUS models or want help choosing a safe replacement, the 5Gstore team is here to help you stay secure and connected with hardware you can trust.

Stay safe. Stay informed. Stay updated.

Related posts:

  1. Protecting Against DNS Vulnerabilities: Strategies and Best Practices
  2. Is Your Starlink Dish at Risk? How to Check and Update Before Nov 17, 2025
  3. Outdated Routers Under Attack: Why You Must Update Firmware or Upgrade Now
  4. How to Use Peplink Bandwidth Monitoring to Avoid Costly ISP Overage Charges
,