Infracore LLC Blog

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Infracore LLC a call at (858) 509-1970.

The Pros and Cons of Automating Business Processes
Tip of the Week: Improve Your Business’ Wi-Fi
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, January 18 2019

Captcha Image

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Cloud Google Business computing Network Security Data Hosted Solutions Malware Hackers Microsoft Software User Tips Innovation Tech Term Internet Hardware Business Backup Smartphones Mobile Devices Business Continuity Data Backup Smartphone Email Browser Windows 10 VoIP Computer Android Productivity IT Services Outsourced IT Disaster Recovery Small Business Managed IT Services Alert Workplace Tips Communications Business Management Data Recovery Cloud Computing Ransomware Computers Miscellaneous Chrome Office Efficiency Communication Artificial Intelligence Managed IT Services Router Law Enforcement Windows 10 Cybercrime Network Office 365 Telephone Systems How To Password Applications Holiday Facebook Virtualization Windows Collaboration Cybersecurity Productivity Money Passwords IT Support Internet of Things Social Media App Gadgets Social Engineering Spam Google Drive Wi-Fi Automation Saving Money Quick Tips Information Upgrade Mobile Device Work/Life Balance Health Word Server Private Cloud Microsoft Office Vulnerability Hacking Data Protection Settings Voice over Internet Protocol Bring Your Own Device Save Money Mobility Two-factor Authentication Mobile Device Management Keyboard Connectivity Managed Service Phishing Apps HaaS Data Security Scam Data Breach Office Tips BDR IT Support Website CES Remote Computing Government Software as a Service Telephony Samsung Windows 7 Electronic Medical Records Botnet Flexibility Training Bandwidth Entertainment Content Management BYOD Public Cloud Data Storage Legal USB Value Automobile Business Intelligence Firewall Networking Blockchain Servers OneNote IT Management Identity Theft End of Support Paperless Office Redundancy Update Employer-Employee Relationship Avoiding Downtime Data Management Charger Encryption History Spam Blocking Infrastructure Patch Management IT Plan Machine Learning Virtual Assistant Cleaning VPN Operating System Marketing Worker Human Resources PDF Unsupported Software Big Data Fraud Access Control Battery Google Docs Telephone System Remote Monitoring Computer Care Sports Managed IT Comparison Managed Service Provider Employer Employee Relationship Monitor File Sharing Conferencing Software Tips Books Assessment Amazon Authentication FENG Education Cast Wearable Technology Telecommuting Smart Office Administrator Black Market IT Consultant Gmail Specifications Camera Outlook Benefits Google Apps NIST Hacker Computing Infrastructure Computer Accessories Augmented Reality Emails Scalability Television Amazon Web Services Nanotechnology Shortcuts Skype Remote Work Practices Humor Internet Exlporer Document Management Microchip Solid State Drive Flash Recovery Leadership Recycling Meetings Travel Vendor Management Digital Signature Files Frequently Asked Questions Wireless Workers Addiction Cryptocurrency Bluetooth Data storage Remote Worker Emergency Public Computer Online Shopping Smart Tech Hybrid Cloud Social Start Menu Best Practice Troubleshooting Loyalty Hosted Computing Search Engine Audit Save Time eWaste Safe Mode Millennials Wireless Internet Warranty Excel Smart Technology Current Events Cache Techology Users Multi-Factor Security HIPAA Wiring IT solutions Physical Security Information Technology Evernote Apple HVAC Vendor Tools Content SaaS Credit Cards Inventory Internet exploMicrosoft Bing Computer Fan Sync WiFi Criminal Data loss Experience Workforce Wire Printer Tip of the week Search Two Factor Authentication Knowledge Password Manager Virtual Reality Risk Management Trending Unified Threat Management Instant Messaging Wireless Charging Devices iPhone Enterprise Content Management Display Downtime MSP webinar Video Games Audiobook Advertising YouTube Help Desk The Internet of Things Hiring/Firing Screen Mirroring Music Accountants Relocation User Error Mouse Windows 10s Windows Server 2008 How to Network Congestion Business Mangement Worker Commute Politics Rootkit Staff Mobile Computing HBO Transportation Safety Cortana Thought Leadership Password Management Security Cameras Root Cause Analysis Company Culture Compliance Twitter Managing Stress Regulation Smartwatch Printers Webinar CrashOverride Thank You Congratulations

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

AngusCousens Preventing Identity Theft Should be a Priority, But Do You Know How to Handle It?
27 December 2018
What a good story you have written and I feel good reading about your story and we should share thin...
George Nivison Bring Your Own Device Is Great...When Applied Properly
21 December 2018
If you think you device get slow then try once again for the device sharing speed with the connectin...
Chantale Bass Tip of the Week: How to Use Tabs to Their Full Potential
15 December 2018
Tabs we need to use only with the ways of the potentially uses from the internet use and also for th...
JoseSClark How You Can Get Microsoft Office Certified
14 December 2018
Many users want to get Microsoft Office certified for theirselve and it was a good post for them. Re...
Donna Brock 3 Significant Ways the Cloud Can Grow Your Business
13 December 2018
In every field of life technology have a big name and now technology provide the facility to save yo...