If you have an Asus router on your home network, it may have been targeted by a sophisticated form of malware capable of adding devices to a botnet and using them for criminal activity. Researchers at Lumen’s Black Lotus Labs identified this threat—dubbed KadNap—in August 2025 and estimate that more than 14,000 devices have been infected.
How KadNap compromises home networks
As Ars Technica reports, KadNap exploits unpatched vulnerabilities in connected devices, most of which are Asus routers. Infected devices are added to a proxy network that can hide malicious traffic. In this case, they are carrying traffic for service called Doppelganger, which allows users to browse anonymously and engage in brute-force attacks and targeted exploitation.
KadNap is particularly difficult to detect because its protocol conceals the IP addresses of hackers’ command-and-control (C2) servers, allowing it to evade traditional monitoring. The design also makes it highly scalable and resistant to takedown.
...Keep reading this article on Life Hacker.
