Major Cybersecurity Breach: Over 9,000 ASUS Routers Targeted by Persistent Botnet

In a troubling development for internet security, more than 9,000 ASUS routers have fallen prey to a sophisticated cyber attack involving a botnet known as “AyySSHush.” This bold and clever attack was uncovered in March 2025 by cybersecurity experts at GreyNoise, revealing exploits that take advantage of certain authentication weaknesses inherent in these devices.

The modus operandi of the attackers is both alarming and innovative. They do not rely solely on traditional methods; instead, they leverage legitimate functionalities of the routers to create a lasting SSH backdoor. This means that even if users attempt to secure their devices through firmware updates, the malicious code remains entrenched within the router’s non-volatile memory (NVRAM). Consequently, these updates and reboots do not eliminate the threat, making traditional remediation strategies ineffective against this kind of intrusion.

As cyber threats become increasingly complex, it is crucial for users to remain vigilant. This incident highlights the importance of regular security assessments and the need to stay informed about vulnerabilities in consumer technology. Taking proactive measures can contribute to safeguarding your network against such pervasive threats.