Researchers warn Kadnap malware infects routers and builds resilient botnet

A newly identified malware campaign has compromised thousands of internet-facing devices, according to cybersecurity researchers.

The malware, known as Kadnap, targets routers and edge devices. These devices connect local networks to the wider internet. They are often less protected than other systems.

Researchers estimate that at least 14,000 devices are affected. The number may increase. Many of the devices are used by home users and small businesses.

The issue lies in how the malware operates. It exploits known vulnerabilities in routers. Once installed, it gains persistent control. It can survive reboots and avoid detection.

Kadnap uses a peer-to-peer structure. There is no central command server. Infected devices communicate with each other. This makes disruption more difficult. Removing one part of the network does not stop the whole system.

This design supports long-term use. Compromised routers can be used for multiple purposes. These include routing traffic, hiding identities, and supporting larger cyberattacks.

The case highlights a recurring weakness. Routers often do not receive regular updates. Many devices remain exposed for years. This creates a stable target for attackers.

Experts recommend basic mitigation steps. Users should update firmware. Remote access features should be disabled if not needed. Unsupported devices should be replaced.