Major Cybersecurity Breach: 9,000 ASUS Routers Exploited by Persistent Botnet Attack

In a troubling development for cybersecurity, more than 9,000 ASUS routers have been compromised as a result of a sophisticated botnet attack, identified as “AyySSHush.” Initially uncovered by the renowned cybersecurity company GreyNoise in March 2025, this breach highlights significant vulnerabilities in router authentication protocols.

The AyySSHush botnet capitalizes on these weaknesses, leveraging the routers’ inherent features to create a lasting SSH backdoor. This backdoor is not merely a temporary exploit; it resides in the router’s non-volatile memory (NVRAM). This means that it remains intact even after firmware updates and device reboots, effectively circumventing conventional recovery methods.

As ASUS router users may find themselves at risk, it underscores the importance of robust cybersecurity practices. Device owners should remain vigilant, regularly monitor their network for unusual activity, and consider seeking out updated security solutions or alternative hardware to safeguard their online environments.