Asus router owners, see this, you may have been pwned

White Heart Loon

http://arstechnica.com/security/2014/02/dear-asus-router-user-youve-been-pwned-thanks-to-easily-exploited-flaw/

This is only a few days after it was discovered that malware was infecting some Linksys routers.
http://arstechnica.com/security/2014/02/bizarre-attack-infects-linksys-routers-with-self-replicating-malware/

My guess is that we are going to see a huge increase in these type of attacks, ISP's ship routers which in most cases stay on the default admin password (and usually default ip) so it is very easy to code for. I'm glad I have Mikrotik and build my own firewall and lock everything down.

BigEejit

Did not have ftp and aicloud turned on, but seriously ****ing stupid to have anything like that on by default.... asus should know better than that ffs

Mr. G

In terms of security,

-Change Wireless network to WPA2, Change encryption to AES, Change SSID and change the password to a random password with at least 24 characters. Random.org is handy for this.

-Change the default router username and password

-Disable any ftp, telnet etc settings, and ensure the firewall is on.

-Disable access to web portal and lock it preferably to specific ip addresses internally.

-Keep firewall enabled on all PC's, and keeping anti virus up to date.

These tips should help protect end users, as well as following the above article. You would be amazed how many people never change the router passwords from the default.