The AyySSHush botnet, identified by GreyNoise, has compromised over 8,000 Asus routers by exploiting vulnerabilities to disable Trend Micro security features. Initially detected in March, this botnet leverages brute-force attacks and authentication bypass techniques, including the CVE-2023-39780 vulnerability, to establish persistent SSH access. This access is particularly concerning because it persists through firmware updates due to configuration set by Asus. The threat remains unattributed to any specific group but is perceived as highly sophisticated because of its advanced techniques. Exploitation is ongoing, and users face heightened security risks.
AyySSHush botnet exploits Asus routers by bypassing security features to establish persistent backdoor access, even through firmware updates, highlighting a serious security concern.