094 90 48200     Get SUPPORT

Aniar IT Services Blog

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Aniar IT Services a call at 094 90 48200 .

The Pros and Cons of Automating Business Processes
Tip of the Week: Improve Your Business’ Wi-Fi


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, March 18 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Business Computing Google User Tips Tech Term Cloud Email Data Backup Hosted Solutions Data Recovery Mobile Devices Microsoft Productivity Data Network Security Innovation Hardware Cloud Computing Internet VoIP Workplace Tips Hackers Malware Communication Smartphone Communications IT Services Windows 10 Efficiency Internet of Things Artificial Intelligence IT Support Android Managed IT Services Browser Backup Smartphones Business Windows Router Network Business Management Small Business Cybersecurity Software Chrome How To Server Spam Cybercrime Mobile Device Collaboration Computer BDR Applications Outsourced IT Business Continuity Gadgets Information Office 365 Computers Saving Money Word Ransomware Paperless Office Mobile Device Management Holiday Money Two-factor Authentication Vulnerability Connectivity Passwords Encryption Facebook Settings Miscellaneous Data Security Managed Service Data Protection Save Money Comparison Spam Blocking Identity Theft Google Docs Telephone System Wi-Fi Law Enforcement Bring Your Own Device Telephony Managed IT Augmented Reality Operating System IT Management Scam Update Sports Machine Learning App Access Control Business Intelligence Cryptocurrency Apps Meetings CES BYOD Botnet Google Drive Fraud Software as a Service Microsoft Office Windows 7 Human Resources Infrastructure Disaster Recovery Content Management Keyboard Managed IT services Private Cloud IT Plan Redundancy VPN Voice over Internet Protocol Remote Monitoring Website Telephone Systems OneNote Password Virtual Assistant Virtualization Blockchain Social Engineering Avoiding Downtime Automation Upgrade Unsupported Software Data Storage Phishing Social Media Health Data loss Excel HIPAA USB Computer Fan Wireless Charging Inventory Password Management Social Criminal Firewall Software Tips Business Mangement Value Smart Tech Workforce MSP Net Neutrality Flash Digital Signature Servers Bing Employee Cortana Alert Tip of the week Electronic Medical Records Wire Entertainment Warranty FENG Google Apps Specifications NIST Vendor Addiction Unified Threat Management Online Shopping Trending Gmail File Sharing ISP Credit Cards HaaS PDF HVAC Help Desk Digital Signage Windows Server 2008 Data Management Printer Workers Display HBO Mobile Computing Solid State Drive Evernote Cleaning Recycling Devices Telecommuting Training The Internet of Things Cryptomining Windows 10s Hacker Downtime Google Search Screen Mirroring Computer Care YouTube Mouse Authentication Safe Mode Security Cameras Employer-Employee Relationship Outlook Government Cache Smart Office Quick Tips Audit Physical Security Skype Practices Root Cause Analysis eWaste Travel Thought Leadership Remote Work Remote Worker Big Data Database Amazon Networking Shortcuts Save Time Cast Patch Management Staff Microchip Tools Bandwidth Work/Life Balance Smartwatch Frequently Asked Questions Recovery Wireless Internet Document Management Camera Charger Start Menu Hosted Computing Mobility Legal Wiring Business Technology Public Cloud Amazon Web Services Sync Accountants Multi-Factor Security Enterprise Content Management Millennials Proactive IT WiFi Search Engine Password Manager Nanotechnology Wireless Printers Twitter Windows 10 Public Speaking CrashOverride Presentation Lithium-ion battery Managed Service Provider Compliance Wireless Technology 5G Tech Support Safety Hiring/Firing IBM Productivity Marketing Regulation Budget Fun Emergency Competition Customer Relationship Management IP Address Company Culture Users Customer Service Mobile Office Hard Drives Domains Managing Stress Search