Home

About Us

IT Services

Understanding IT

News & Events

Blog

Support

Contact Us

Blog
  • Register

Alternative IT Solutions Blog

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Alternative IT Solutions a call at (0)20 8498 4300.

The Pros and Cons of Automating Business Processes
Tip of the Week: Improve Your Business’ Wi-Fi
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, March 22, 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Cloud Business Computing Network Security Privacy Hosted Solutions Google Email Data Backup User Tips Mobile Devices Tech Term Productivity Malware Hackers IT Support VoIp Data Recovery Cloud Computing Managed IT Services Innovation Data Microsoft Communications Efficiency Internet Outsourced IT Communication Workplace Tips Managed IT Services Hardware IT Services Software Windows 10 Backup Smartphone Smartphones Internet of Things Network Small Business BDR Saving Money Business Cybersecurity Router Chrome Browser Android Artificial Intelligence Business Management Business Continuity Cybercrime Server Gadgets Ransomware Mobile Device How To Alert Windows Applications Phishing Two-factor Authentication Holiday Computer Word Data Protection Mobile Device Management Data Security Computers Information Money Spam Office 365 Collaboration Disaster Recovery Social Engineering Voice over Internet Protocol Vulnerability Identity Theft Managed IT Save Money Miscellaneous Telephone Systems Paperless Office Facebook Settings BYOD IT Management Connectivity Business Intelligence Software as a Service Servers Private Cloud Wi-Fi Encryption Managed Service Social Media Remote Monitoring Avoiding Downtime CES Augmented Reality Update Data Breach Data Storage Value Telephone System Work/Life Balance Microsoft Office Meetings Mobile Computing Password Content Management OneNote Apps Operating System Cryptocurrency Firewall Bring Your Own Device Automation VPN Spam Blocking Compliance Mobility Credit Cards Blockchain Telephony Document Management Training Google Docs Machine Learning Law Enforcement Keyboard Fraud Redundancy Virtualization Website Workers Google Drive Botnet Upgrade Employer-Employee Relationship Comparison Scam App IT Plan Proactive IT Networking Unsupported Software Passwords Virtual Assistant Human Resources Sports Windows 7 Infrastructure Budget Access Control Remote Work SaaS Outlook Database Hiring/Firing Bandwidth Smart Tech NIST Bing Flexibility Recycling IBM The Internet of Things Software Tips Digital Signage Mouse Start Menu Millennials Recovery Security Cameras Online Shopping Staff Smart Office Patch Management Regulations Cleaning Authentication Shortcuts Current Events Cache Frequently Asked Questions Remote Worker HVAC eWaste Supercomputer Black Market Google Search IT Support WiFi webinar Entertainment Administrator Tools Workforce Solid State Drive Hacker Evernote Digital Signature Flash Computer Care Password Manager Nanotechnology Safe Mode Mobile Quick Tips Knowledge Wireless Internet Downtime Excel Wiring Health Multi-Factor Security Practices Windows 10s Unified Threat Management Physical Security Net Neutrality Save Time Theft Accountants Conferencing Microchip Audit Office Tips PDF Leadership Data loss Big Data File Sharing Social Professional Services HIPAA Network Congestion USB Root Cause Analysis Tip of the week Trending Hosted Computing Risk Management Legal Marketing ISP Cortana YouTube Enterprise Content Management Business Mangement Devices Data Warehousing Smartwatch Wireless Charging Screen Mirroring Warranty Skype Business Technology Vendor Amazon HaaS Data Management Wire Windows Server 2008 Sync Charger Content Filtering Inventory Public Cloud Help Desk Travel Telecommuting Criminal Addiction FENG HBO MSP Cryptomining Google Apps Netflix Password Management Search Engine Gmail Thought Leadership Computer Fan Employee Government Cast Printer Samsung Specifications Display Electronic Medical Records Amazon Web Services IT Consultant Camera Information Technology Lifestyle Congratulations Managing Stress Streaming Media Instant Messaging Rootkit Cables Analysis Electronic Health Records Business Owner Television Printers Bluetooth Two Factor Authentication Analytics Employer Employee Relationship Vendor Management Insurance Content Filter Proactive Unified Communications Bata Backup Worker Public Computer Virtual Private Network Loyalty eCommerce Office Distribution Storage Remote Monitoring and Maintenance Safety Regulation Employee/Employer Relationship Managed Service Provider Education Project Management Windows 10 GDPR Logistics Hacking Battery VoIP Twitter Line of Business Automobile Utility Computing Students E-Commerce Manufacturing IoT Company Culture Thank You Fiber-Optic Strategy Healthcare Consultation Assessment Remote Computing Computer Accessories

Latest News & Events

Alternative IT Solutions is proud to announce the launch of our new website at https://www.alternative-IT.co.uk. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our ser...

Contact Us

Learn more about what Alternative IT Solutions can do for your business.

Call Us Today
Call us today
(0)20 8498 4300

Avocet House, Trinity Park, Trinity Way
London, England E4 8TD