ASUS Router Apocalypse: 50,000 Devices Hacked in Alleged China-Linked Operation WrtHug

Operation WrtHug has compromised around 50,000 ASUS routers, targeting end-of-life models primarily in Taiwan and Southeast Asia. Researchers suspect a China-linked cyber espionage campaign exploiting multiple vulnerabilities. The attack shares a playbook with previous Chinese cyber campaigns, leaving users with one clear mantra: patch, patch, patch those routers!

3P
Published: November 19, 2025 9:38 amAdded: November 19, 2025 at 2:13 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like ASUS routers are playing a risky game of “Who Can Get Hacked the Most?” with vulnerabilities older than yesterday’s leftovers. Is it a bird? A plane? Nope, just another cyber espionage campaign possibly from China, exploiting routers that should probably be in a museum by now.

Key Points:

  • Around 50,000 ASUS routers hacked in “Operation WrtHug”, possibly linked to China.
  • Exploits target end-of-life ASUS WRT routers with vulnerabilities from 2023.
  • Most compromises are in Taiwan and Southeast Asia, but not mainland China.
  • Identical exploits as the previous AyySSHush campaign, yet few overlaps in compromised devices.
  • Unusual self-signed TLS certificate with a 100-year expiration date is a key infection indicator.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?