ZouRAT Malware virus attacks Wifi Routers

Rusli Posts: 1,018 Influencer
edited August 2022 in General Discussion

URL:- https://www.securityweek.com/soho-routers-north-america-and-europe-targeted-zuorat-malware

Hi, I need to discuss on ZouRAT Malware which can cripple Wifi Routers.

Recently and Currently, My Asus Wifi Router, DLINK Wifi Router are totally down.

So, I myself do not know what really happen. My Dlink Router was totally down for 2 times. I can't hardly get in to my wifi router via wifi connections. My 2.4 Ghz Wifi Channel and 5Ghz Wifi Channel are totally down. I cannot seems to access directly to the DLINK Router at all.

As for my Asus wifi router, the internet connect speed are totally down. The same problems as my DLINK Router.

Although I have internet connection, but my internet connect speed are very slow.

So, I get another China Made Router which is really a set back to me. But when I check, I noticed that there are so many ports are open. Which is not so dead secure. There so many open ports. When I did a port scan. The China Made Router is Xiaomi AX3200. The wifi setup is very poor. Not unless i can use OpenWRT with it. (Frankly, i myself do not know how to install OpenWRT. And i did not want the Wifi Router to get brick!)

But I check the firewall test with GRC website. All ports are closed but the problem is it did not pass the stealth mode. So my advice to you all do not get any cheap wifi router made from China.

When I check the CVE Vulnerabilities that most Wifi Router are not patch which ZouRAT vulnerabilities. That most wifi routers are not fully protected.

And when i use the Xiaomi Wifi Router. I came across pop-ups that my linux computer is infected with ZouRAT Trojan. It's says that the McAFee antivirus subscription are over and i need to make a purchase.

So I turn off the Xiaomi Ax3200 wifi router and wonder if any antivirus companies have detections with ZouRAT malwares.

I really do not know what to do next. My ISP keep telling me to get and buy a new Asus Router. But my biggest question is they did not have security patch for this vulnerabilities.

I have to hard reset the WIfi Router and reconfigure it again. But really, DLINK did not even have any firmware updates for a year now. As compare to ASUS wifi Router.

I had my wifi router being abuse my siblings who keeps changing things with the wifi settings when i am not around at home.

TP LInk Wifi Router Home Shield need to purchase which is a down side because there is no DOS Protection.

Netgear wifi routers are dead expensive. It too are vulnerable to ZouRAT. I did not know whether they have security patch for that.

That goes the same to Synology Wiif Router.

My other options is to use a Business base wired router and connect the wifi router directly to it. Even though you have Business wired router, if the wifi router get attack, it will go down again and again.

Sometimes you will notice that the Wifi Connection will drops automatically while you are using the computer. That I suspected that someone is trying to hack my wifi router connections.


  • Rusli
    Rusli Posts: 1,018 Influencer

    Well, if you need to secure your network. My best options will be buying a Raspberry pi 4 kit and additional usb 3.0 Ethernet dongle to do it yourself with OpenWRT, to secure your home network. It is the best device to having around. You need to be technical incline to go about doing it. I usually indulging with video tutorials in youtube channels. After much trial and error I managed to built a good firewall router kit to secure my internet connection. My only preferences would be running it in Ethernet connection instead of wifi. Wifi on Raspberry Pi 4 on OpenWRT is a downside as it is very slow. You need to rely on other wifi adapter to install the driver. Provided if the Wifi driver available with OpenWRT. You have to read the documentation and tinkering around to get the device works base on your preferences. You have to look up for packages to be install. That will be the first line of defense. You have a good a hardware router to connect to and having a secure safe internet connections. Well if you need a good hardware firewall router, this is my best options that i highly recommend.

  • Filly_jeo
    Filly_jeo Posts: 1 Observer

    Okay, if you want to protect your network. The Raspberry Pi 4 package and supplementary USB 3.0 Ethernet dongle are your best bets for securing your home network by doing it yourself with OpenWRT like alightmotion.net It is the ideal gadget to have with you. To achieve it, you must be inclined toward technical matters. I frequently indulge in YouTube channels' video lessons.

  • Rusli
    Rusli Posts: 1,018 Influencer
    edited September 2022

    Filly_jeo, you can try IPFire for your raspberry pi 4. You still need the USB 3.0 Ethernet dongle. But the connection speed is far way better on OpenWRT than IPFIRE.

  • Rusli
    Rusli Posts: 1,018 Influencer
    edited April 2023

    I experimenting around with my raspberry pi 4 and install a Ubuntu Server and make it into a router. Googling on the web,searching for how to install router with your raspberry pi 4. If you have a Seeed Studio dual ethernet router and plug in the Raspberry pi Compute Module 4. You can install and setup a router. IpFire is indeed secure but there is a bug with the wifi. As for the OpenWRT installation with raspberry pi 4. Every updates i have to redo and reconfigure and fresh reinstall OpenWRT on my raspberry pi 4. Because it tends to get brick. I have to do it again right from the very beginning. I have try Wireguard VPN. But have not try with Proxy Servers yet. There are other products for instances like the DFRobot Dual Gb Ethernet with Compute Module 4 Raspberry pi kit. FriendlyElec SBC would require a serial TTL USB to install.

    If you are not into these and wanted a wire router that you can hook up to your wifi router you get yourself a Tp-Link Business Router like ER605 and hook it up with your wifi router. Ubiquity Edgerouter-X is also a wired router.

    There is a Ubiquity Dream Machine and Dream Router which you get one. Which i think more secure than current market wifi routers.

    Well right now. Asus Router have Wireguard VPN.

    I might as well rely on Raspberry pi. As there is no worries of getting hack with WPS. Or other stuff.

    If you need to prevent from getting a wifi hack. Get a raspberry pi 4 and turn it into a wired router. Which is far fetch from secure.

  • Rusli
    Rusli Posts: 1,018 Influencer
    edited February 17

    Now I have install PfSense firewall router on my new Intel NUC Celeron Mini PC to harden my internet connection network. I have so many disposals of tools of weapons to work around to defend my wifi network. Endless of projects of thinkering around. Flashing OpenWRT firmware to a certify hardware wifi router. And using Raspberry Pi 4 to set up multiple wired firewall routers, such as ipfire, openwrt and ubuntu servers. Doing endless software beta testings. I have not try the Sophos Home Firewall as a router on my Mini PC yet. And i am glad learning new things as i configure a lot of tools at my end. Checking log files and numerous numbers of attacks at my end. To keep the suckers out of my home network for the time being. Sending bugs to Github software developers. If you need a robust firewall routers i suggesting you built your own routers. There are so many options available. I have not try Untangle. Now Untangle is under Arista. I wonder if they still have built routers to make.