Botnet hacks 9,000+ ASUS routers to add persistent SSH backdoor

consumer grade routers are fucking shite.

Detailed technical analysis by GreyNoise

https://www.labs.greynoise.io/grimoire/2025-03-28-ayysshush/

I still have a few Asus routers capable of running the older version with the CVE-2023-39780 vulnerability. This makes me wonder whether it might be worth making one into a honeypot for fun.