094 90 48200     Get SUPPORT

Aniar IT Services Blog

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Aniar IT Services a call at 094 90 48200 .

The Pros and Cons of Automating Business Processes
Tip of the Week: Improve Your Business’ Wi-Fi
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, January 17 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Tech Term Google User Tips Cloud Business Computing Data Backup Email Microsoft Data Data Recovery Network Security Hardware Mobile Devices Hackers Innovation Smartphone Internet VoIP Communication Cloud Computing Malware Business Hosted Solutions Android IT Services Windows 10 Managed IT Services Browser Artificial Intelligence Workplace Tips Backup Smartphones Communications Network IT Support Small Business Internet of Things Router Chrome How To Outsourced IT Saving Money Efficiency Windows Business Continuity Spam Information Collaboration Business Management Computer Word Cybercrime Software Productivity Applications Computers BDR Office 365 Cybersecurity Server Mobile Device Management Vulnerability Two-factor Authentication Managed Service Data Protection Passwords Holiday Ransomware Mobile Device Facebook Connectivity Gadgets Settings Money Data Security Miscellaneous Content Management Keyboard Upgrade Social Media Botnet VPN Disaster Recovery Spam Blocking Windows 7 Password Managed IT services Blockchain Virtual Assistant Automation Bring Your Own Device Redundancy Voice over Internet Protocol Wi-Fi Operating System IT Management Telephone Systems App Social Engineering Paperless Office Save Money Avoiding Downtime BYOD Identity Theft Google Drive Phishing Telephone System Comparison Apps Remote Monitoring Microsoft Office IT Plan Google Docs OneNote Law Enforcement Sports Machine Learning Access Control CES Virtualization Telephony Managed IT Fraud Encryption Website Software as a Service Unsupported Software Scam Business Intelligence Human Resources Data Storage Update Infrastructure Cache Smart Office Data loss HBO Practices Safe Mode Security Cameras Computer Fan eWaste Thought Leadership Remote Worker Telecommuting Amazon Networking Shortcuts Software Tips Staff Microchip Computer Care Bandwidth Skype Wireless Internet Document Management Camera Cortana Alert Outlook Government Charger Hosted Computing FENG Legal Wiring Travel Remote Work Amazon Web Services Accountants Enterprise Content Management Mobility Tools Work/Life Balance Search Engine Patch Management Password Manager Nanotechnology Start Menu HIPAA USB Frequently Asked Questions Recovery Wireless Charging Inventory Criminal Firewall Meetings Augmented Reality Password Management Social Solid State Drive Sync Multi-Factor Security MSP Downtime Millennials Digital Signature Servers Bing Windows 10s WiFi Business Mangement Smart Tech Electronic Medical Records Wire Entertainment Warranty Screen Mirroring Excel Google Apps Addiction Hacker Unified Threat Management Employer-Employee Relationship Online Shopping The Internet of Things NIST Vendor Audit Physical Security File Sharing Root Cause Analysis Value Workforce Credit Cards PDF HVAC Help Desk Private Cloud Flash Gmail Specifications Data Management Printer Cast Tip of the week Workers Mobile Computing Evernote Cleaning Big Data Cryptocurrency Display Trending Recycling Devices Training Public Cloud HaaS YouTube Mouse Windows Server 2008 Authentication Mobile Office Quick Tips Domains CrashOverride Emergency Wireless Company Culture Windows 10 Smartwatch Public Speaking Managed Service Provider Presentation Managing Stress Lithium-ion battery Printers Twitter Hiring/Firing Tech Support Wireless Technology 5G Fun Safety IBM Marketing Productivity Budget Compliance Competition Customer Relationship Management IP Address Users Hard Drives Regulation Search Customer Service