Major Cybersecurity Breach: Over 9,000 ASUS Routers Compromised by Botnet Attack

In a concerning development for internet security, more than 9,000 ASUS routers have fallen victim to a sophisticated botnet attack referred to as “AyySSHush.” Identified by the cybersecurity firm GreyNoise in March 2025, this incident reveals the extent to which cybercriminals can exploit vulnerabilities in seemingly secure devices.

The attack takes advantage of authentication weaknesses within the router’s Software, enabling hackers to establish a persistent SSH backdoor. What sets this particular breach apart is the unique method employed by the attackers: they have embedded this backdoor in the router’s non-volatile memory (NVRAM). This clever tactic ensures that, even after users implement firmware updates or reboot their devices, the backdoor remains active, which significantly complicates conventional strategies for remediation.

As cyber threats like “AyySSHush” continue to evolve, it becomes increasingly critical for users to stay informed about potential vulnerabilities in their devices and to take proactive measures to safeguard their networks. For now, those affected are advised to monitor their routers closely and consider additional protective measures while awaiting a permanent solution from the manufacturer.