XFER Blog

XFER has been serving Michigan since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at XFER a call at 734-927-6666 / 800-438-9337.

The Pros and Cons of Automating Business Processes
Tip of the Week: Improve Your Business’ Wi-Fi
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, March 20 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Technology Tip of the Week Privacy Microsoft Internet Cloud Best Practices Saving Money Backup Workplace Tips Software Business Computing Hosted Solutions Managed Service Provider Data Hackers Google Small Business Mobile Devices Hardware VoIP Productivity Mobile Office Malware Email Gadgets Network Security Quick Tips Efficiency Business Management Network Innovation IT Support IT Services Social Media Business Server Business Continuity Smartphones Miscellaneous Upgrade Communication Windows Virtualization Communications User Tips Disaster Recovery Data Backup Computer Managed IT Services Microsoft Office Data Recovery Smartphone Users Passwords Browser Mobile Device Management Internet of Things Android Holiday Marketing Save Money WiFi Vendor Management Tech Term Outsourced IT Ransomware Productivity Alert BDR Artificial Intelligence Mobile Computing Cloud Computing Cybercrime Operating System Windows 10 Remote Monitoring Chrome Router Remote Computing Avoiding Downtime Computers Bring Your Own Device Cybersecurity Apple Automation BYOD Information Technology Big Data Firewall VPN IT Solutions The Internet of Things Managed IT Services Current Events Health Telephone Systems Collaboration Best Practice History Going Green Spam Printer Windows 10 Employer-Employee Relationship Facebook Trending Phone System Application Wireless Technology Hacking IT Consultant Social Engineering Proactive IT Office IT Support Mobility Budget Lithium-ion Battery Bandwidth Money Mobile Device Excel Encryption App Unified Threat Management Business Intelligence Phishing Two-factor Authentication Business Managament iPhone Training Recovery Mouse Fax Server Maintenance Private Cloud Content Filtering Windows 8 How To Office 365 Applications Networking Data Protection PowerPoint Antivirus User Error Blockchain Settings Humor Google Drive Word Outlook Analytics Tutorials Managed IT Customer Relationship Management File Sharing Data Security Virus Hard Drives Access Control Sports Save Time Redundancy Value Law Enforcement Website Information Apps Gmail Entertainment Managed Service Paperless Office Business Technology Saving Time Administrator Augmented Reality Connectivity Retail Human Resources Vulnerability Downtime Memory Identity Theft Network Congestion Hacker Voice over Internet Protocol Inbound Marketing Wi-Fi Social Conferencing IT Management Meetings Data Management Search Servers Tablet Administration Tech Support Twitter Machine Learning Office Tips Document Management Digital Payment Social Networking Streaming Media Risk Management Scam Software as a Service Analysis Computer Repair Compliance Flexibility Public Cloud Programming Skype SaaS Update Piracy IBM Virtual Private Network Instant Messaging Running Cable Leadership Intranet Environment Comparison Wearable Technology OneNote Data storage Telephony Google Docs Computer Accessories Virtual Assistant Windows 7 Net Neutrality Biometrics IT service Internet Exlporer Data Storage eWaste Botnet Healthcare Webinar PDF Display Keyboard Best Available HaaS End of Support Bluetooth Telephone System Safety Work/Life Balance Data Breach People YouTube Credit Cards Help Desk Government Workers Samsung Robot Touchscreen Smart Tech USB CES Cryptocurrency Fraud Online Currency DDoS Point of Sale Solid State Drive IT Plan Recycling Data loss Education Manufacturing Black Market Content Management Video Surveillance Spam Blocking Statistics Cleaning Password Unsupported Software Wireless Physical Security Infrastructure Customer Service Notifications Electronic Medical Records Practices Sync Cables Webcam Search Engine Colocation Law Firm IT Windows 10s Accountants Consultant Cryptomining Laptop Windows Server 2008 Amazon Web Services Business Owner Company Culture Addiction Enterprise Content Management Employee/Employer Relationship ISP Shadow IT Software Tips Remote Work Charger Cast Wiring SharePoint Password Manager Cameras Hybrid Cloud PC Care Hiring/Firing Hosted Computing Proactive Unified Communications HIPAA LinkedIn Students Bing IaaS Computing Infrastructure Staff 3D Licensing Database Touchpad Online Shopping Scheduling Cache Project Management eBay Hosted Solution Password Management WIndows 7 File Versioning Legal Computer Care Windows 8.1 Update Devices GDPR Virtual Reality Relocation Business Mangement Shortcuts Printer Server Shortcut Smartwatch Data Warehousing Specifications Alerts Inventory Remote Monitoring and Maintenance Monitor Start Menu Theft Worker Commute Digital Signature Audit Debate IoT User Distribution Regulations Evernote Wireless Internet Warranty Text Messaging Netflix NIST Managing Stress Domains Multiple Versions HBO Thought Leadership E-Commerce Bloatware Travel Criminal Electronic Health Records eCommerce Employee Millennials Work Station Root Cause Analysis Line of Business Science Reputation Mobile Cortana Gaming Console Internet exploMicrosoft Multi-Factor Security Strategy Computer Fan Logistics Wireless Charging Supercomputer Wire Microchip Restore Data NarrowBand Frequently Asked Questions Content Filter Camera Entrepreneur Vendor Digital Signage Uninterrupted Power Supply Workforce Authentication MSP Tablets Customers Professional Services Google Apps Windows Media Player Virtual Desktop Advertising Lifestyle IT Security FENG Insurance Hiring/Firing Flash Fiber-Optic Knowledge Smart Office Patch Management Print Server Safe Mode Macro Backup and Disaster Recovery Chromecast Tip of the week Amazon Storage Cost Management Distributed Denial of Service Files 360 nternet Emails Crowdfunding HVAC Security Cameras Co-managed IT Google Search Telecommuting Remote Support Screen Mirroring Nanotechnology Remote Worker Upgrades Analyitcs Tools Biometric Security Politics Transportation How to Television Troubleshooting Webinar Techology Benefits Automobile Public Computer IT solutions Employer Employee Relationship CrashOverride Smart Technology Books Loyalty Thank You Experience Two Factor Authentication Regulation Battery Content Emergency Video Games Worker Congratulations Music Audiobook Utility Computing Scalability Assessment Printers Rootkit

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *