Most of the devices are made by Asus and are located in the US.

Ars Technica is known for its  coverage of technology-related news and analysis, ranging from scientific breakthroughs to the latest gadgets and gaming developments. Readers can learn about emerging technologies, industry trends, and the societal impact of technological advancements through detailed articles and reviews.

Ars Technica

Security researchers at Lumen's Black Lotus Labs have identified a botnet called KadNap infecting approximately 14,000 routers daily, up from 10,000 last August. The majority of compromised devices are Asus routers, likely targeted via known unpatched vulnerabilities. What makes KadNap particularly notable is its use of a Kademlia-based peer-to-peer architecture with distributed hash tables (DHTs) to hide command-and-control server IPs, making it highly resistant to traditional detection and takedown methods. Infected devices are primarily located in the US and are used as anonymous proxies for cybercrime traffic.

14,000 routers are infected by malware that’s highly resistant to takedowns

How Lighting Design In The Callisto Protocol Elevates The Horror