Skip to main content

ASUS RT Wireless Routers Easy to Hack, Easy to Patch

The ASUS RT-N56U wireless router. Credit: ASUSTeK Computer Inc.

(Image credit: The ASUS RT-N56U wireless router. Credit: ASUSTeK Computer Inc.)

Protecting your computer is a fairly straightforward process, but when was the last time you paid any attention to your wireless router? Routers are surprisingly vulnerable to sophisticated hacks, and ASUS' RT line of wireless routers is no different. An inventive hack could hijack your entire Internet experience if you don't update quickly and carefully.

Security researcher David Longenecker described the flaw on his blog. The current vulnerability is the latest in a long list of ASUS router flubs, and affects the RT-AC68U, RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U models, with possible ramifications for the RT-N53, RT-N14U, RT-N16, and RT-N16R versions as well.

MORE: Your Router's Security Stinks: Here's How to Fix It

The actual vulnerability is quite complicated, so check out Longenecker's blog to learn the exact details, but it boils down to the way the routers process firmware updates. Firmware updates on ASUS RT routers require a verification on both ends, but do not require this verification to go through a secure HTTPS server. This could allow an inventive hacker to create and supply his or her own bogus update.

Providing phony firmware might not seem like a big threat, but consider that your router is your gateway to the rest of the Internet. Malicious commands in an update script could redirect you to bogus versions of important sites, such as Gmail or a banking website. Logging on to fraudulent sites would send your authentication credentials to a malefactor rather than to a trusted source. Running programs to spread adware or malware would also not be difficult.

The good news is that ASUS has been alerted to this problem and has added an undocumented fix to the latest version of the firmware for each affected router. The bad news, of course, is that the very flaw ASUS is trying to patch makes it dangerous to download the updated firmware.

Longenecker recommends downloading firmware directly from ASUS, which should mitigate any risks, although the ASUS website does not itself use HTTPS — which means anyone whose router has already been hacked could end up being redirected to a bogus ASUS site.

To be certain you're getting the real thing, first find a friend with a different brand of router. Then use one of her computers to browse to the ASUS website and find the support page for your model of ASUS router. Download the ZIP compressed archive of the latest firmware, making sure you get the version that matches your version of Windows.

Don't extract the files from the archive right away. Instead, copy the archive to a flash drive, take it to your main Windows computer and extract the archive there. Then open the ASUS router administrative software on your computer, click Advanced Setting, click Firmware Upgrade, browse to the extracted files from the flash drive and hit Upload.

Marshall Honorof is a Staff Writer for Tom's Guide. Contact him at mhonorof@tomsguide.com. Follow him @marshallhonorof and on Google+. Follow us @tomsguide, on Facebook and on Google+.

  • cklaubur
    I'm glad I put Tomato on my RT-N53, then.

    Casey
    Reply
  • firefoxx04
    Tomato > OEM firmware.

    Im running 2 RT-N16s, both with Tomato and I have not looked back.
    Reply
  • bit_user
    ASUS should sign their firmware images. That way, they couldn't be spoofed.

    In order to preserve the ability to use opensource firmware on them, any firmware lacking a signature could present users with a warning and an option to install it anyway. Or maybe they could place an option on one of the admin pages to disable the check.
    Reply
  • Paul NZ
    Glad I don't own one :D
    Reply
  • phishdontlie
    Another reason to disregard default firmware. I get all the Asus routers for my IT projects from FlashRouters - http://www.flashrouters.com/routers/brands/asus because they pre-install and test open-source DD-WRT and Tomato firmware.
    Reply
  • goinginstyle
    This was fixed back in July, old news. And the process to target a particular router on earlier firmware plus enable the hack described is fifty times more difficult than a standard phishing attack using this site's credentials. ;)
    Reply
  • wekilledkenny
    What idiot wrote this article?
    "first find a friend with a different brand of router"
    How about taking the ethernet cable out of the WAN port of the router and plugging it directly into a computer? Seems approximately 1e6 times better and simpler than "find a friend to update your router".
    Reply
  • bit_user
    What idiot wrote this article?
    "first find a friend with a different brand of router"
    How about taking the ethernet cable out of the WAN port of the router and plugging it directly into a computer? Seems approximately 1e6 times better and simpler than "find a friend to update your router".
    Now you're giving up the security of the router and putting your box directly on the internet? Nice. Plus, my broadband provider used to make me call them when I replaced my router. The cable modem will only talk to that MAC address (though I could obviously spoof it). Maybe some still do this.
    Reply