094 90 48200     Get SUPPORT

Aniar IT Services Blog

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Aniar IT Services a call at 094 90 48200 .

The Pros and Cons of Automating Business Processes
Tip of the Week: Improve Your Business’ Wi-Fi
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, June 16 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing User Tips Privacy Email Productivity Cloud Google Internet Tech Term Microsoft Hosted Solutions Data Network Security Innovation Hackers Data Backup Hardware Efficiency Cloud Computing Data Recovery Workplace Tips Mobile Devices Communication IT Support Android Smartphone Windows 10 Communications Business Malware VoIP Network Small Business IT Services Managed IT Services Smartphones Mobile Device Internet of Things Software Business Management Artificial Intelligence Gadgets Browser Backup Windows Router Collaboration Cybersecurity Information Spam Chrome How To Server Word Computer Phishing Cybercrime Applications BDR Outsourced IT Office 365 Users Miscellaneous Business Continuity Saving Money Computers Ransomware Passwords Connectivity Vulnerability Operating System Money BYOD Encryption Facebook Staff Remote Monitoring Settings Social Media Data Security Managed Service Data Protection Mobile Device Management Paperless Office Two-factor Authentication Holiday Education Identity Theft Spam Blocking Telephone System Comparison Augmented Reality Apps Bring Your Own Device Google Docs Access Control IT Management Law Enforcement Sports Machine Learning Cryptocurrency Display Telephony Microsoft Office CES App Training Managed IT Fraud Meetings Software as a Service Scam Infrastructure Google Drive Business Intelligence Human Resources Update Website Content Management Keyboard Botnet VPN Password Private Cloud IT Plan Disaster Recovery Upgrade Windows 7 Virtual Assistant Managed IT services Blockchain OneNote Government Redundancy Voice over Internet Protocol Automation Virtualization Unsupported Software Telephone Systems Data Storage Save Money Social Engineering Wi-Fi Avoiding Downtime Business Mangement Smart Tech Software Tips MSP Net Neutrality Millennials Digital Signature Servers Bing WiFi Employee Electronic Medical Records Wire Entertainment Warranty Excel Google Apps NIST Vendor 5G Addiction FENG Unified Threat Management Cables Online Shopping Cortana Alert Gmail File Sharing ISP Value Workforce OLED Credit Cards PDF HVAC Help Desk Flash Digital Signage Specifications The Internet of Things Data Management Printer Tip of the week Hacker Workers Trending Mobile Computing Default App Evernote Cleaning Recycling Devices Solid State Drive Cryptomining Biometric Security HaaS Authentication Windows 10s Google Search Big Data Downtime YouTube Mouse Windows Server 2008 Safe Mode Security Cameras Cache Smart Office Quick Tips HBO IT Infrastructure Practices Screen Mirroring eWaste Thought Leadership Audit Physical Security Remote Worker Database Telecommuting Manufacturing Amazon Employer-Employee Relationship Networking Shortcuts Bandwidth Save Time Root Cause Analysis Microchip Computer Care Cast Smartwatch Skype Wireless Internet Document Management Camera Outlook Charger Hosted Computing Wireless Legal Wiring Business Technology Travel Remote Work Virtual Reality Amazon Web Services Accountants Enterprise Content Management Mobility Password Manager Nanotechnology Public Cloud Proactive IT Tools Work/Life Balance Search Engine Patch Management Health Start Menu HIPAA USB Frequently Asked Questions Recovery Wireless Charging Inventory Social Sync Multi-Factor Security Criminal Computer Fan Firewall Cabling Data loss Password Management Lithium-ion battery CrashOverride Wireless Technology Tech Support Safety IBM Compliance Productivity Managed Service Provider Marketing Budget Competition Customer Relationship Management Hiring/Firing Regulation IP Address Fun Customer Service Emergency Company Culture Mobile Office Domains Investment Windows 10 Hard Drives Managing Stress Public Speaking Search Printers ROI Presentation Twitter