Major Security Breach: 9,000 Asus Routers Compromised by Persistent Botnet Attack

In an alarming development for network security, a sophisticated botnet attack has compromised over 9,000 ASUS routers, highlighting the vulnerabilities inherent in modern internet-enabled devices. This threat, named “AyySSHush,” was uncovered in March 2025 by the cybersecurity experts at GreyNoise.

The attack takes advantage of weaknesses in authentication protocols, leveraging legitimate features of the routers to create a persistent SSH backdoor. What sets this incident apart is the nature of the backdoor, which is securely embedded in the router’s non-volatile memory (NVRAM). This characteristic means that the backdoor remains intact even after firmware updates or device reboots, making traditional remediation efforts futile.

As the digital landscape becomes increasingly interconnected, the need for robust security measures grows ever more critical. Users of affected ASUS routers are strongly advised to seek immediate guidance from cybersecurity professionals and stay updated with manufacturer notifications regarding security patches and device management practices.

This incident serves as a stark reminder of the importance of maintaining vigilant security practices to safeguard our devices against evolving threats.