Major Cybersecurity Breach: Over 9,000 ASUS Routers Compromised by Botnet Attack

In a concerning development for internet security, cybersecurity experts have uncovered a significant attack that has compromised more than 9,000 ASUS routers. This breach involves a sophisticated botnet known as “AyySSHush,” identified by the cybersecurity firm GreyNoise in March 2025.

The attack capitalizes on existing vulnerabilities in authentication processes, allowing the botnet to exploit the routers’ inherent features to create a lasting SSH backdoor. What sets this breach apart from others is the way the backdoor is firmly embedded in the router’s non-volatile memory (NVRAM). This strategic placement makes it incredibly resilient, able to survive firmware updates and routine restarts—essentially making conventional remediation techniques ineffective.

This incident serves as a stark reminder of the vulnerabilities present in widely used consumer devices. As we increasingly rely on connected technology in our daily lives, ensuring robust security measures is more important than ever. Users of ASUS routers are urged to take immediate action, such as changing default passwords and implementing network-level protections, to mitigate potential risks associated with this attack.

Stay vigilant and informed to protect your digital environment from evolving cyber threats.