“greynoise discovers stealthy backdoor campaign affecting thousands of asus routers this activity was first discovered by greynoise on march 18, 2025. public disclosure was deferred as we coordinated the findings with government and industry partners. greynoise has identified an o…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
80%
“emulated asus profiles running factory firmware. this infrastructure allowed greynoise to : - capture full pcap of the requests and router behavior. - reproduce the attack in a controlled environment. - confirm how the backdoor is installed and how it persists. without emulated p…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
76%
“compromised, with the number steadily increasing. - attackers gain access using brute - force login attempts and authentication bypasses, including techniques not assigned cves. - attackers exploit cve - 2023 - 39780, a command injection flaw, to execute system commands. - they u…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
69%
“— a platform that continuously maps and monitors internet - facing assets across the global internet. censys reveals what ’ s exposed ; greynoise shows which of those assets are being actively targeted. - the number of affected hosts is growing. - greynoise sensors saw just 30 re…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1584.005Botnet
51%
“greynoise discovers stealthy backdoor campaign affecting thousands of asus routers this activity was first discovered by greynoise on march 18, 2025. public disclosure was deferred as we coordinated the findings with government and industry partners. greynoise has identified an o…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
31%
“greynoise discovers stealthy backdoor campaign affecting thousands of asus routers this activity was first discovered by greynoise on march 18, 2025. public disclosure was deferred as we coordinated the findings with government and industry partners. greynoise has identified an o…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
GreyNoise uncovers a stealth campaign exploiting ASUS routers, enabling persistent backdoor access via CVE-2023-39780 and unpatched techniques. Learn how attackers evade detection, how GreyNoise discovered it with AI-powered tooling, and what defenders need to know.