Major Security Breach: Over 9,000 ASUS Routers Compromised by Botnet Attack

In a concerning development for network security, more than 9,000 ASUS routers have fallen victim to a sophisticated botnet attack identified as “AyySSHush.” This incident, which came to light in March 2025, was uncovered by the cybersecurity experts at GreyNoise, who revealed alarming vulnerabilities that are being exploited by cybercriminals.

The attack takes advantage of specific authentication weaknesses inherent in the routers, allowing hackers to leverage legitimate functionalities to create a persistent SSH backdoor. This backdoor is particularly insidious as it is embedded within the router’s non-volatile memory (NVRAM). As a result, traditional fixes — such as firmware updates or device reboots — are rendered ineffective, as the malicious code remains intact through these processes.

The implications of this breach are severe, as it poses a significant risk not only to the devices themselves but also to the security of networks relying on these routers. Cybersecurity professionals and users of ASUS products are urged to remain vigilant and consider rigorous security measures to mitigate risks associated with this ongoing threat.

As we navigate this era of increasing cyber threats, it is crucial to stay informed and proactive in safeguarding our digital environments. For those affected, a thorough review of network security protocols and potential alternatives may be necessary to restore safety and credibility in their devices.