Thousands of Asus routers are being hit with stealthy, persistent backdoors

Routers from Asus have become targets for a stealthy backdoor attack, allowing nation-states or well-resourced threats to gain control without leaving evidence. Researchers found that attackers exploit now-patched vulnerabilities, using an SSH public key to install private keys for full admin access. The backdoor remains effective even after reboots and firmware updates, thanks to bypasses and legitimate features. GreyNoise has identified nearly 9,000 infected devices worldwide, with the number growing as attackers appear to be gathering material for future attacks.