Version 77: Over 9,000 Asus Routers Hacked via Botnet and Unpatchable SSH Backdoor Despite Firmware Updates

BCAdmin1 Comment on Version 77: Over 9,000 Asus Routers Hacked via Botnet and Unpatchable SSH Backdoor Despite Firmware Updates

Major Cybersecurity Breach: 9,000 ASUS Routers Compromised by Botnet

In a troubling revelation for network security, more than 9,000 ASUS routers have fallen victim to a sophisticated botnet attack, identified by cybersecurity experts as “AyySSHush.” The incident, uncovered in March 2025 by the esteemed cybersecurity firm GreyNoise, highlights alarming vulnerabilities in router authentication mechanisms.

The botnet takes advantage of legitimate features within the routers to introduce a persistent SSH backdoor, which remains unnoticed by both users and security systems. A significant concern surrounding this breach is that the malicious backdoor has been integrated into the router’s non-volatile memory (NVRAM). This means that conventional methods to eliminate threats, such as firmware updates and device reboots, are ineffective in eradicating the issue.

As network security professionals and users alike grapple with the implications of this breach, it underscores the imperative for enhanced scrutiny of device security measures. It is crucial for all ASUS router owners to stay informed and vigilant, as the persistence of this backdoor poses ongoing risks to personal and organizational networks.

For those affected, immediate action is recommended to secure their devices and protect their networks from further compromise. Be sure to keep abreast of official communications from ASUS and cybersecurity authorities regarding potential fixes or workarounds for this alarming situation.

Share this content:

Related Posts

One Comment

  1. Thank you for sharing this important cybersecurity update.

    This recent breach affecting over 9,000 ASUS routers highlights significant vulnerabilities that are difficult to resolve solely through firmware updates. Since the backdoor is embedded into the router’s non-volatile memory (NVRAM), traditional methods like rebooting or applying firmware patches may not effectively remove the threat.

    For affected devices, here are some recommended steps:

    • Monitor official ASUS channels and cybersecurity advisories for any firmware updates or security patches specifically addressing this vulnerability.
    • Reset affected routers to factory defaults to remove any unknown configurations or malicious entries, if possible. Be aware that persistent NVRAM modifications may require more advanced procedures.
    • Perform a thorough security assessment including changing all passwords, disabling remote management, and monitoring network traffic for unusual activity.
    • Isolate compromised devices from sensitive networks until the vulnerability is mitigated.

    If the issue persists or firmware updates are unavailable, consider replacing the affected routers with models that have security patches or enhanced protection features. Staying informed and proactive is crucial in defending against sophisticated threats like this.

    Feel free to share additional details about your

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *