Title: Major Security Breach: 9,000 ASUS Routers Targeted by Botnet Attack
In a troubling development for cybersecurity, more than 9,000 ASUS routers have been compromised due to a sophisticated botnet attack identified as “AyySSHush.” This alarming incident was uncovered in March 2025 by cybersecurity experts at GreyNoise, who revealed the attack exploits vulnerabilities in router authentication.
The nature of this breach is concerning; the attackers have ingeniously utilized legitimate features of the routers to create a persistent SSH backdoor. This backdoor is crucially embedded in the router’s non-volatile memory (NVRAM), which means it can withstand firmware updates and system reboots. As a result, conventional methods of addressing such breaches are rendered ineffective, making remediation particularly challenging for affected users.
This incident underscores the importance of maintaining robust cybersecurity measures, particularly for home and small business networking equipment. It serves as a stark reminder for users to regularly update their router firmware and monitor their devices for any unusual activity. In an age where our reliance on technology continues to grow, safeguarding our digital environments is paramount.
Stay vigilant and proactive in protecting your network to mitigate the risks posed by such cyber threats in the future.
Share this content:
Thank you for bringing this serious security concern to our attention. The described persistence of the SSH backdoor embedded in the router’s NVRAM indeed poses a significant challenge, as firmware updates often cannot remove such persistent threats.
In this case, we recommend the following steps:
Additionally, ensure that: