Major Cybersecurity Breach: Over 9,000 ASUS Routers Compromised by “AyySSHush” Botnet

In a troubling development, more than 9,000 ASUS routers have fallen victim to a sophisticated cyberattack involving a resilient botnet known as “AyySSHush.” This alarming incident, first identified by the cybersecurity firm GreyNoise in March 2025, highlights the vulnerabilities present in certain authentication protocols that power these devices.

The attack takes advantage of legitimate features within the router’s capabilities, enabling the establishment of a persistent SSH backdoor. This backdoor is particularly concerning as it resides in the router’s non-volatile memory (NVRAM). As a result, it remains intact even through firmware updates or device reboots, which means that traditional methods of rectifying security flaws may not be sufficient to eliminate this threat.

As cybercriminals become increasingly sophisticated, this incident serves as a stark reminder for users to remain vigilant and proactive in securing their devices. Ensuring that routers are properly configured, regularly updated, and monitored for unusual behavior is essential in safeguarding against such relentless attacks. Users are encouraged to seek out additional layers of security and stay informed about the evolving landscape of cybersecurity threats.