14,000 routers are infected by malware that's highly resistant to takedowns
2 days ago
- #KadNap
- #cybersecurity
- #botnet
- Researchers discovered a takedown-resistant botnet named KadNap, consisting of 14,000 routers and network devices, primarily Asus models.
- The botnet exploits unpatched vulnerabilities; the high concentration of Asus routers is likely due to reliable exploits for those models.
- Infected devices are mostly in the US, with smaller numbers in Taiwan, Hong Kong, and Russia.
- KadNap uses a sophisticated peer-to-peer design based on Kademlia, making it resistant to traditional detection and takedown methods.
- The botnet's decentralized control via distributed hash tables (DHTs) helps conceal command-and-control server IPs, enhancing its resilience.