Major Cybersecurity Breach: 9,000 ASUS Routers Compromised by Botnet
In a troubling revelation for network security, more than 9,000 ASUS routers have fallen victim to a sophisticated botnet attack, identified by cybersecurity experts as “AyySSHush.” The incident, uncovered in March 2025 by the esteemed cybersecurity firm GreyNoise, highlights alarming vulnerabilities in router authentication mechanisms.
The botnet takes advantage of legitimate features within the routers to introduce a persistent SSH backdoor, which remains unnoticed by both users and security systems. A significant concern surrounding this breach is that the malicious backdoor has been integrated into the router’s non-volatile memory (NVRAM). This means that conventional methods to eliminate threats, such as firmware updates and device reboots, are ineffective in eradicating the issue.
As network security professionals and users alike grapple with the implications of this breach, it underscores the imperative for enhanced scrutiny of device security measures. It is crucial for all ASUS router owners to stay informed and vigilant, as the persistence of this backdoor poses ongoing risks to personal and organizational networks.
For those affected, immediate action is recommended to secure their devices and protect their networks from further compromise. Be sure to keep abreast of official communications from ASUS and cybersecurity authorities regarding potential fixes or workarounds for this alarming situation.
Share this content:
