"Vulnerable software is potentially facilitating surveillance and data theft. The ASUS WebStorage system is being actively abused to perform Man-in-The-Middle (MiTM) attacks, researchers say. ESET researcher Anton Cherepanov published a report detailing attack vectors related to WebStorage, ASUS's cloud storage service, on Tuesday. According to the team, the Plead malware may be being distributed through MiTM attacks taking place against ASUS software. Plead is a malware variant which specializes in data theft through a combination of the Plead backdoor and Drigo exfiltration tool The malware has been connected to BlackTech, a cyberespionage group which is believed to be operating in Asia and has been linked to attacks against targets in Taiwan, Japan, and Hong Kong...." https://www.zdnet.com/article/asus-webstorage-abused-to-spy-on-users-at-the-router-level/
