Major Security Breach: 9,000 ASUS Routers Compromised by Persistent Botnet Attack

In a troubling development for home and business network security, over 9,000 ASUS routers have been compromised due to a sophisticated cyberattack involving a botnet known as “AyySSHush.” Highlighted by cybersecurity experts at GreyNoise, this security breach was uncovered in March 2025 and has raised concerns about the vulnerabilities present in widely used router systems.

The AyySSHush botnet exploits weaknesses in authentication protocols while taking advantage of legitimate router functions. This allows it to create a persistent SSH backdoor, which poses a significant risk to users’ data and privacy. What sets this particular attack apart is that the backdoor is not just fleeting; it resides in the router’s non-volatile memory (NVRAM). This design means that even firmware updates and device reboots will not eliminate the threat, making conventional remediation strategies ineffective.

As networks become increasingly integral to our daily lives, the implications of such vulnerabilities cannot be understated. Users of ASUS routers are strongly advised to take immediate action to secure their devices and stay informed about the latest developments. Cybersecurity remains a growing concern, and proactive measures are essential to safeguard our digital environments from evolving threats.