Major Security Breach: Over 9,000 ASUS Routers Compromised by Persistent Botnet Attack

In a troubling development for home and business network security, more than 9,000 ASUS routers have been compromised in a sophisticated botnet attack identified as “AyySSHush.” This alarming breach was uncovered in March 2025 by the cybersecurity firm GreyNoise, shedding light on the vulnerabilities that continue to plague many devices in today’s digital landscape.

The AyySSHush botnet exploits significant authentication weaknesses in ASUS routers, leveraging legitimate features to establish a hidden SSH backdoor. This backdoor is particularly insidious; it resides in the router’s non-volatile memory (NVRAM), ensuring its permanence even through firmware updates and system reboots. Consequently, conventional remediation strategies are rendered ineffective, posing a serious challenge for both consumers and IT teams tasked with securing networks.

The rise of such sophisticated threats underscores the critical need for proactive cybersecurity measures. It’s imperative for ASUS router users to remain vigilant and consider implementing additional security protocols to mitigate their risk in the face of evolving cyber threats. This incident serves as a stark reminder of the importance of staying informed and prepared in our increasingly connected world.