The FBI has been tipped to a hack of around 130,000 Asus routers, details of which are available on the dark web – for sale.
To incentivize the sale, the crook has scored each router as to how useful it might be to launch attacks.
Access to these devices is being sold for as little as a few bucks per device, so that hackers illegal activities will trace back to your house and you get to explain to the FBI that it wasn’t you when they come visit.
But, as Ron Popeil used to say (if you are old enough to remember him – otherwise use Google), but wait, there’s more.
To incentivize crooks to buy his credentials, he is bundling the credentials with information on 500,000 Americans.
If that weren’t enough, he is also including a database full of credit card information.
This way the hacker can match YOUR router to YOUR credit card and YOUR personal information. MUCH less likely to raise any red flags anywhere.
The data is available on a Russian web site, so there is zero chance that the feds can get the data taken down. They could, of course, try to hack it, but that may or may not work.
The whole idea is to create a scenario that is low risk. Routers that have not been used for much fraud, personal information and stolen credit cards. A bit of a crook’s trifecta.
From a victim’s standpoint —
- If you have an Asus router, make sure the firmware is up to date
- Check your router to see if there are any user names added that are not supposed to be there
- Change the password on the router to something which is long and hard for a hacker to guess
- If you can, watch your router’s logs
- Finally, watch your credit cards for fraud