Major Security Breach: Over 9,000 ASUS Routers Compromised by Botnet Attack

In a concerning development for internet users, more than 9,000 ASUS routers have fallen victim to a sophisticated cyberattack involving a botnet known as “AyySSHush.” This alarming breach, identified by cybersecurity firm GreyNoise in March 2025, exploits vulnerabilities related to router authentication and leverages legitimate functionalities to create a persistent SSH backdoor.

What makes this attack particularly alarming is the nature of the backdoor itself. It has been embedded within the router’s non-volatile memory (NVRAM), which enables it to withstand not only firmware updates but also device reboots. As a result, traditional methods for addressing such vulnerabilities may prove futile in rectifying the situation.

The implications of this breach are significant. Malicious actors could potentially gain unauthorized access to sensitive network data, compromising both the privacy and security of users. ASUS router owners are urged to remain vigilant and explore additional protective measures, such as changing default settings and monitoring network traffic for any unusual activity.

As the cybersecurity landscape continues to evolve, this incident serves as a crucial reminder of the importance of robust security practices and regular updates to safeguard against emerging threats.