Title: Major Security Breach: Over 9,000 ASUS Routers Compromised by Persistent Botnet Attack
In a concerning development for network security, more than 9,000 ASUS routers have fallen victim to a sophisticated botnet attack, identified as “AyySSHush.” This alarming breach was revealed in March 2025 by cybersecurity experts at GreyNoise, who uncovered that the attack exploits vulnerabilities within router authentication systems.
The nature of this attack is particularly troubling as it leverages legitimate features of the routers to create a persistent SSH backdoor. This backdoor is cleverly integrated into the router’s non-volatile memory (NVRAM), which means that it can withstand firmware updates and device reboots. As a result, traditional remediation strategies, which often involve updating firmware to eliminate vulnerabilities, prove ineffective in this case.
The implications of this breach are significant, as it not only endangers the affected routers but also highlights broader concerns about the security of Internet of Things (IoT) devices. Users of ASUS routers are urged to remain vigilant, monitor their network activity closely, and consider enhanced security measures to protect their systems from potential exploitation by such malicious entities.
As the landscape of cybersecurity continues to evolve, this incident serves as a stark reminder of the importance of robust security protocols and regular monitoring of network devices.
Share this content:
