Infracore LLC Blog

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Infracore LLC a call at (858) 509-1970.

The Pros and Cons of Automating Business Processes
Tip of the Week: Improve Your Business’ Wi-Fi


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, March 22 2019

Captcha Image

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Cloud Business computing Google Hosted Solutions Network Security Productivity Malware Data Software Innovation User Tips Hackers Microsoft Internet Hardware Smartphones Business Email Mobile Devices Backup Tech Term Workplace Tips Android IT Services VoIP Business Continuity Smartphone Data Backup Efficiency Browser Windows 10 Communications Business Management Cloud Computing Computer Disaster Recovery Small Business Outsourced IT Managed IT Services Data Recovery Alert Computers Windows 10 Artificial Intelligence Router Miscellaneous Ransomware Office Chrome Communication Managed IT Services Network Law Enforcement Internet of Things Cybercrime IT Support Cybersecurity Windows Server How To Quick Tips Telephone Systems Productivity Office 365 Holiday Money Passwords Health Password Applications Facebook Virtualization Collaboration Social Media Mobile Device Gadgets Spam Google Drive Automation App Saving Money Upgrade Wi-Fi Information Word Private Cloud Social Engineering Work/Life Balance Voice over Internet Protocol HaaS Vulnerability Office Tips Settings Two-factor Authentication IT Support Mobile Device Management Bring Your Own Device Encryption Microsoft Office Hacking Save Money Connectivity Paperless Office Phishing Mobility Operating System Keyboard Data Security BDR Managed Service Apps Scam Data Breach Data Protection Computer Care Content Management Windows 7 Battery Software as a Service Public Cloud Botnet BYOD Business Intelligence Samsung Blockchain Electronic Medical Records Data Storage Update Bandwidth Identity Theft Remote Computing Augmented Reality Meetings Training End of Support OneNote Entertainment Infrastructure IT Management USB Value History Flexibility Cryptocurrency Redundancy Servers Spam Blocking Firewall Networking Avoiding Downtime VPN Legal IT Plan Human Resources Automobile Save Time Employer-Employee Relationship Google Docs PDF Fraud Access Control Charger Machine Learning Patch Management Unsupported Software Comparison Data Management Virtual Assistant Website CES Managed Service Provider Remote Monitoring Cleaning Government Managed IT Worker Sports Big Data Telephone System Telephony Marketing Music Virtual Reality Password Management Security Cameras Network Congestion Amazon Web Services Nanotechnology Instant Messaging Mobile Computing Cast Recovery Recycling Outlook Transportation Safety Remote Work Practices Video Games Audiobook File Sharing Business Technology Politics Rootkit How to Smart Office Administrator Emails Books Assessment Humor Internet Exlporer Digital Signature Proactive IT Skype Employer Employee Relationship Workers Addiction Wearable Technology Files Worker Commute NIST Hacker Solid State Drive Flash IT Consultant Online Shopping Smart Tech Camera Data storage eWaste Education Shortcuts Frequently Asked Questions Benefits Hybrid Cloud Hosted Computing Travel Black Market Document Management Microchip Television Millennials Net Neutrality Start Menu Computer Accessories Cache Multi-Factor Security HIPAA Smartwatch Audit Leadership Evernote WiFi Criminal Computing Infrastructure Social Excel Apple Credit Cards Inventory Scalability Remote Worker Vendor Management Search Engine IT solutions Physical Security Emergency Public Computer Internet exploMicrosoft Workforce ISP Tools Bluetooth Password Manager Troubleshooting Loyalty Trending Safe Mode Employee Computer Fan Sync Wireless Charging Devices Wireless Wireless Internet Warranty HVAC Vendor Tip of the week Smart Technology Current Events iPhone Wiring Data loss Bing Advertising Accountants Best Practice Cryptomining Downtime Business Mangement Printer webinar SaaS Relocation User Error Staff Digital Signage The Internet of Things Cortana Thought Leadership Wire Techology Users Enterprise Content Management Display Windows 10s Windows Server 2008 Two Factor Authentication Knowledge Amazon Authentication Information Technology Unified Threat Management Screen Mirroring Experience YouTube Help Desk HBO Telecommuting Content MSP Database Root Cause Analysis Risk Management Monitor Gmail Mouse Conferencing Software Tips Specifications Google Search FENG Hiring/Firing Google Apps Search Company Culture Compliance Managing Stress Biometric Security Webinar Regulation Printers CrashOverride Thank You Congratulations Twitter

Recent Comments

Thaddeus Greer Can Chargers Be Interchanged Between Devices?
21 March 2019
The infracore is known as the heart of the information technology all over the world and the issue d...
AngusCousens What is Encryption, Anyways?
19 March 2019
When we hold the computer the basic and stylish accessories with the desktop is the requirement of e...
Kevyn Hawkins In the Midst of Chaotic Financial Markets, Technology Remains a Constant
15 March 2019
For the finance market we have to read this blog really and very carefully for the chapter of the pa...
Micheal williams Tip of the Week: Improve Email Open Rates With an Attention-Grabbing Title
15 March 2019
In this modern world, technology has changed the world and even it has created many chances to creat...
Maddison Franklin Tip of the Week: Improve Email Open Rates With an Attention-Grabbing Title
14 March 2019
IT is the heart of technology all over the world and there are many ease by the use of this technolo...