
Graemouse Technologies Blog

What is a Router Botnet? Find Out Today!


Ordinarily, one of the best ways to protect your organization’s infrastructure is to apply patches to the software you use as soon as possible after they’ve been released. However, patches don’t help against threats that haven’t been discovered at the time the patches are released. The recent spread of the BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero in on victims thanks to its ability to scan for potential targets, such as routers with the Broadcom Universal Plug and Play (UPnP) feature enabled. The attacker can then take over the device.

It is assumed that the network built by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more, the malware seems to have been created by someone with a considerable amount of skill. To make things worse, BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have Broadcom UPnP enabled so that it can take advantage of a vulnerability. This vulnerability has been patched since 2013, when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for one reason or another.

The Lesson Learned
A simple lesson can be learned here: any equipment on your infrastructure that’s not maintained could be putting your business at risk. Maintaining it includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public. After all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Graemouse Technologies a call at 253.777.0763.

Thursday, January 17 2019
