Cybersecurity alert: Hijacked devices now key weapon in global attacks

Security researchers have raised alarm over a sophisticated new malware operation called KadNap, which has silently compromised over 14,000 devices globally.

This KadNap botnet creates a formidable challenge for defenders, as its architecture makes the resulting cyberattacks nearly impossible to thwart and block through traditional methods.

According to a new report shared by the cybersecurity firm Lumen, the malware uses a decentralised peer-to-peer system to avoid network detection.

By seizing control of the home and small-businesses networking hubs, criminals can use them as “middlemen” to disguise and route malicious traffic, masking the true source and making it difficult to detect.

KadNap devices talk directly to one another. This decentralized approach allows the network to hide in plain sight and avoid detection by standard security monitoring tools.

“As modern society increasingly relies on internet-exposed Internet of Things (IoT) devices, the opportunities for malicious actors to exploit vulnerabilities continue to abound,” Lumen’s report stated.

“Threat actors are building large-scale botnets specifically designed to hijack devices in this growing pool of targets, using them to route traffic and evade detection by network security systems.”

KadNap monetizes its botnet via the Doppelganger platform. The buyers utilize these compromised devices to execute high-volume brute-force attacks and precision-engineered cyber exploits.

KadNap botnets have targeted people mostly across the US. But, the majority of infected devices were found in the UK, Brazil, Australia, Russia and Europe.