Major Cybersecurity Breach: Over 9,000 ASUS Routers Targeted by Botnet with Indestructible SSH Backdoor
In a troubling development for network security, a substantial number of ASUS routers—more than 9,000—have fallen victim to a sophisticated botnet attack known as “AyySSHush.” This alarming breach, uncovered in March 2025 by the cybersecurity experts at GreyNoise, has revealed significant vulnerabilities in the devices’ authentication protocols.
The attackers have cleverly leveraged legitimate features of the routers to set up a persistent SSH backdoor. This hidden entry point is integrated into the router’s non-volatile memory (NVRAM), which allows it to survive not only firmware updates but also the rebooting of the device itself. As a result, conventional methods for addressing such security flaws have proven ineffective.
This situation underscores the urgent need for enhanced cybersecurity measures and vigilance among both consumers and manufacturers. For router owners, it serves as a stark reminder to remain proactive about their device firmware and security settings, as traditional remediation techniques may no longer suffice in the face of such advanced threats.
As we navigate an increasingly connected world, safeguarding personal and organizational networks is more critical than ever. Stay informed and equip your devices with the latest security practices to mitigate risks associated with such breaches.
Share this content:
