Major Security Breach: Over 9,000 ASUS Routers Compromised by Persistent Botnet Attack

In a troubling development within the realm of cybersecurity, a sophisticated botnet identified as “AyySSHush” has compromised more than 9,000 ASUS routers. This alarming incident came to light in March 2025, thanks to research conducted by the cybersecurity firm GreyNoise.

The breach takes advantage of existing authentication vulnerabilities, leveraging legitimate features of the routers to create a persistent SSH backdoor. What sets this attack apart is the manner in which the backdoor becomes ingrained in the router’s non-volatile memory (NVRAM). This characteristic allows it to withstand firmware updates and device resets, posing a significant challenge for affected users who are often left with limited remediation options.

Traditional methods of recovery, such as installing the latest firmware, may no longer be effective against this particular threat. As a result, users of the compromised routers are urged to take immediate precautions and remain vigilant. The incident highlights the urgent need for enhanced security measures and awareness regarding the vulnerabilities that can be exploited in home networking devices.

As this story continues to unfold, we advise all ASUS router owners to stay informed and consider alternative protective strategies to safeguard their networks from potential exploitation.