Widespread Cybersecurity Breach: Over 9,000 ASUS Routers Compromised by Botnet Attack
In a troubling development for internet security, a staggering 9,000 ASUS routers have fallen victim to a sophisticated cyberattack involving a botnet known as “AyySSHush.” Conducted by the cybersecurity analysis firm GreyNoise, this incident came to light in March 2025 and highlighted critical vulnerabilities within the router’s authentication protocols.
The attack takes advantage of inherent features within the router, employing them to create a resilient SSH backdoor. What makes this breach particularly concerning is that the malicious backdoor is embedded in the router’s non-volatile memory (NVRAM). This means that even when users attempt to resolve the issue through firmware updates or device reboots, the backdoor remains intact, effectively nullifying traditional security measures.
As networked devices become increasingly integral to our daily lives, this incident raises important questions about the security of smart home equipment and the responsibilities of manufacturers in safeguarding their products against cyber threats. The persistence of the attack underscores the importance of proactive security practices and regularly updating router settings to mitigate potential risks.
Users are urged to take immediate action by reviewing their router’s security settings, changing default passwords, and considering the installation of reputable security software. In an era where connectivity is paramount, safeguarding our networks must remain a top priority.
Share this content:
Helpful Tips for Dealing with Persistent Router Backdoors
Thank you for bringing this critical issue to attention. The persistence of the SSH backdoor even after firmware updates can be particularly challenging. Here are some steps you might consider to enhance your router’s security: