They might be able to, but in this case it wasn’t a full remote control issue. Even ASUS routers not configured to automatically install updates still automatically download updates for some security definitions file used by the router. ASUS released a corrupted version of that file and it caused routers to run out of memory and have a host of problems.
I wish the solution were to switch to a competent competitor, but no one can recommend anything better. It’s either use a Linux box or buy ASUS because it’s the easiest to flash with open firmware.
ASUS routers not configured to automatically install updates still automatically download updates for some security definitions file used by the router
And thus it can be shut down remotely. The router has to check regularly for updates to this security definition, which is the point they'd insert the shutdown.
They wouldn’t need to be that clever. With the default firmware these things are a black box. They might have something else that it remotely downloads that can simply run arbitrary code. We wouldn’t know it.
(post is archived)