A leak in AsusWRT could have jeopardized the privacy of thousands of users of ASUS routers, even in a place as safe as home. vpnMentor’s research team discovered the leak and reported it to ASUS, which swiftly fixed it.
AsusWRT is a graphical interface app that combines with an Asus router to create a private Wi-Fi network in a user’s home. This grants an AsusWRT user complete control over their network and any devices connected to it.
The leak in question could be a win-win situation for hackers, as AsusWRT is a centralized access point for all the devices in your home that are connected to the internet through ASUS, including mobiles, computers, and other IoT devices.
Discovered and fixed
The leak in AsusWRT was discovered by vpnMentor’s research team, led by Noam Rotem and Ran Locar.
It was discovered on 15 September 2019, reported to Asus on the same day, and fixed by Asus within the same day.
Examples of Entries in the Database
While no personally identifiable information (PII) was viewable in the AsusWRT database, the leak still allowed access to highly sensitive user information and was a goldmine for hackers.
The user data vpnMentor viewed included:
- IP Address
- User’s name
- Device Name (John Doe’s iPhone)
- Usage information, IFTTT commands
- Longitude & Latitude coordinates
- Location: Country & City
The leak affected AsusWRT users across the globe, with user data available from every continent.
By cross-referencing the leaked data with publicly available information, hackers can easily determine a user’s identity and address. For example, using someone’s longitude & latitude coordinates and IP address, a hacker could pinpoint that user’s physical street address.
The other data available, such as the device name, e.g. “John Doe’s iPhone”, and Wi-Fi name, would confirm the address.
If hackers managed to break in through the leak, they could have accessed every internet device connected to AsusWRT, giving them unprecedented access to a user’s home network and the ability to hijack devices therein, including Amazon Alexa.
It could have resulted in:
- Device Takeover
- Various Forms of Fraud
- Sensitive information
How to avoid it?
If you are using AsusWRT and feel like you have been compromised, contact ASUS immediately.
In the meantime, vpnMentor suggests that you uninstall AsusWRT and disconnect your devices from the network; you can reconnect them after removing AsusWRT. After Asus releases a patch, you can safely install it again.