Thousands of Asus routers have been hacked and are currently controlled by a group believed to be linked to the Chinese government. Researchers from SecurityScorecard identified this operation, named WrtHug, which targets seven specific Asus router models that no longer receive security updates from the manufacturer. This lack of support leaves the devices vulnerable, and the precise objectives of the hackers remain unclear. The compromised routers are likely being used for covert operations, similar to tactics seen in operational relay box (ORB) networks. These networks allow hackers to conduct espionage while concealing their identities. SecurityScorecard emphasizes that the access gained through these devices could enable a wide range of activities, primarily focused on intelligence gathering rather than overtly disruptive actions like DDoS attacks. The majority of affected routers are located in Taiwan, with additional clusters in South Korea, Japan, Hong Kong, Russia, central Europe, and the United States. China has a history of using hacked routers for surveillance, with the French government previously linking the threat group APT31 to a major campaign involving such tactics. Similar campaigns attributed to Chinese actors have emerged in recent years. While Russian hackers have also engaged in comparable activities, their frequency has been lower. A notable case from 2018 involved a Russian group infecting over 500,000 routers with malware called VPNFilter.