Major Cybersecurity Breach: Over 9,000 ASUS Routers Compromised by Botnet Attack

In a troubling development for network security, more than 9,000 ASUS routers have fallen victim to a skilled cyberattack. The incident centers around a malicious botnet referred to as “AyySSHush,” which was identified by cybersecurity experts at GreyNoise in March 2025.

The attack capitalizes on specific authentication weaknesses within the routers, taking advantage of legitimate system functionalities to create a lasting SSH backdoor. What sets this breach apart is the method of infiltration—this backdoor is integrated into the device’s non-volatile memory (NVRAM). As a result, even when users attempt to secure their devices through firmware updates or system reboots, the malicious access point remains intact.

This situation highlights the importance of robust security measures and vigilance in managing networked devices. As more homes and businesses rely on router technology, understanding and addressing such vulnerabilities is critical. Cybersecurity specialists recommend regularly reviewing device settings and employing rigorous security protocols to mitigate risks associated with similar threats.

As the digital landscape evolves, so too must our strategies to safeguard against emerging cyber threats. The case of the ASUS routers serves as a stark reminder of the complexity of modern cyberattacks and the persistent challenges they pose for both individuals and organizations alike.