Over 9,000 ASUS Routers Compromised by Botnet Attack with Unshakeable SSH Backdoor
In a serious cybersecurity breach, more than 9,000 ASUS routers have fallen victim to a sophisticated botnet known as “AyySSHush.” This alarming discovery, made public by the cybersecurity firm GreyNoise in March 2025, highlights a critical vulnerability in router authentication, allowing attackers to exploit inherent features of the device to create a lasting SSH backdoor.
What sets this attack apart is the ingenious method used by the perpetrators. The backdoor is hardwired into the router’s non-volatile memory (NVRAM), which means it is impervious to conventional methods of remediation, including firmware updates and device resets. This persistent backdoor presents a significant challenge for both users and IT professionals, as standard security practices may not suffice to eliminate the threat.
As the landscape of cybersecurity continues to evolve, it becomes increasingly crucial for individuals and organizations alike to regularly monitor their network security and stay informed about the latest vulnerabilities. The ramifications of this incident serve as a stark reminder of the importance of robust security measures in protecting our devices against increasingly sophisticated cyber threats.
Share this content:
