Major Cybersecurity Breach: Over 9,000 ASUS Routers Compromised by Persistent Botnet Attack
In a troubling turn of events, a significant cybersecurity breach has compromised more than 9,000 ASUS routers, putting countless users at risk. This incident, identified by the cybersecurity firm GreyNoise in March 2025, involves a sophisticated botnet known as “AyySSHush,” which takes advantage of existing vulnerabilities within the router’s authentication system.
The attack is particularly alarming due to the method employed by the attackers. They leverage legitimate features of the routers to create a persistent SSH backdoor embedded in the router’s non-volatile memory (NVRAM). This clever tactic allows the backdoor to remain intact even after firmware updates or device reboots, thereby thwarting traditional mitigation efforts that typically involve updating router firmware to close security gaps.
This breach underscores the importance of robust cybersecurity measures for smart devices in our homes, especially as we continue to rely on interconnected technology. Users of affected ASUS routers are urged to take immediate action by checking their devices for signs of compromise and ensuring their firmware is up to date, while also considering additional security measures to protect their networks.
As the situation develops, it serves as a stern reminder that maintaining cybersecurity vigilance is paramount in an increasingly digital world.
Share this content:
