Title: Major Security Breach: Over 9,000 ASUS Routers Targeted by Botnet with Unfixable SSH Backdoor
In a crucial development, cybersecurity experts are sounding the alarm over a severe breach impacting more than 9,000 ASUS routers. Identified by the cybersecurity firm GreyNoise, the attack revolves around a sophisticated botnet known as “AyySSHush.” This alarming situation comes to light as the firm reported its findings in March 2025.
The AyySSHush botnet exploits existing vulnerabilities within the router’s authentication processes, cleverly leveraging legitimate features built into the routers themselves. The most concerning aspect of this breach is the establishment of a persistent SSH backdoor, strategically embedded within the router’s non-volatile memory (NVRAM). This means the backdoor remains intact even after firmware updates and router reboots, effectively evading standard security measures that users commonly implement.
As traditional methods of remediation prove ineffective against this sophisticated attack, users of compromised routers are urged to take immediate precautions. With hackers now capable of maintaining access despite updates, it’s essential for affected individuals to reassess their network security and consider potential replacements for their devices.
This incident serves as a stark reminder of the vulnerabilities that can exist within our digital infrastructure, and emphasizes the importance of proactive cybersecurity measures in an increasingly connected world. Stay informed and vigilant to protect your network from evolving threats.
Share this content:
