Home

About Us

IT Services

Understanding IT

News & Events

Blog

Support

Contact Us

Blog
  • Register

Alternative IT Solutions Blog

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Alternative IT Solutions a call at (0)20 8498 4300.

The Pros and Cons of Automating Business Processes
Tip of the Week: Improve Your Business’ Wi-Fi
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, January 21, 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Cloud Business Computing Network Security Data Backup Privacy Google Email User Tips Tech Term Mobile Devices Hackers Malware Hosted Solutions Data Recovery Data Managed IT Services Innovation IT Support Microsoft Outsourced IT VoIp Cloud Computing Internet Communication Managed IT Services Hardware Backup Efficiency Smartphone Internet of Things Software IT Services Productivity Communications Network Artificial Intelligence BDR Small Business Smartphones Router Saving Money Chrome Business Workplace Tips Browser Android Windows 10 Business Continuity Ransomware How To Cybersecurity Alert Business Management Cybercrime Gadgets Office 365 Applications Mobile Device Management Data Security Computer Computers Money Spam Holiday Word Windows Mobile Device Collaboration Data Protection Server Phishing Information Two-factor Authentication Disaster Recovery Managed Service Facebook Telephone Systems Settings IT Management Save Money Remote Monitoring BYOD Voice over Internet Protocol Business Intelligence Wi-Fi Identity Theft Miscellaneous Social Media Connectivity Servers Social Engineering Software as a Service Vulnerability Managed IT Spam Blocking Firewall Bring Your Own Device Automation Value Scam Work/Life Balance Virtual Assistant Human Resources Sports Telephony Infrastructure Access Control CES Compliance Law Enforcement Avoiding Downtime Telephone System Private Cloud Password Update Content Management Workers Mobile Computing Google Drive Training Microsoft Office Apps VPN Employer-Employee Relationship Paperless Office Blockchain IT Plan Virtualization Mobility App Networking Machine Learning Credit Cards Unsupported Software Document Management Budget Google Docs Windows 7 Keyboard Redundancy Data Storage Passwords Fraud Data Breach Encryption Botnet Website Operating System Comparison Upgrade OneNote Criminal Addiction Sync Content Filtering Supercomputer Printer Black Market Amazon webinar Google Apps Flash Camera Travel Solid State Drive Telecommuting Cleaning Display Gmail Thought Leadership Augmented Reality Windows 10s Specifications Knowledge NIST Bing Government Downtime Excel Information Technology Lifestyle Unified Threat Management IT Support Mouse Smart Tech Amazon Web Services Physical Security Conferencing Data loss Audit Remote Work Office Tips Leadership Computer Care Security Cameras Recycling Remote Worker Staff Smart Office Start Menu Millennials Network Congestion Cryptocurrency Shortcuts Authentication Root Cause Analysis Tip of the week Cache Regulations Marketing Administrator HVAC Online Shopping Screen Mirroring Entertainment Data Warehousing Hacker eWaste Wiring Digital Signature Tools Public Cloud Workforce Help Desk HaaS Safe Mode Password Manager Nanotechnology WiFi Windows Server 2008 Netflix Wireless Internet Microchip Practices FENG Evernote HBO Multi-Factor Security Cast Proactive IT Accountants Mobile Computer Fan PDF IT Consultant Charger File Sharing Social Big Data Theft Bandwidth HIPAA USB SaaS Enterprise Content Management Hosted Computing Outlook Trending Flexibility IBM Warranty YouTube Professional Services The Internet of Things Software Tips Samsung Smartwatch Legal Electronic Medical Records Risk Management Recovery Vendor Business Mangement Devices Meetings Cortana Patch Management MSP Data Management Wire Skype Current Events Hiring/Firing Password Management Search Engine Inventory Wireless Charging Frequently Asked Questions Rootkit IoT Company Culture Business Owner Loyalty Strategy Healthcare Bata Backup Public Computer Bluetooth Two Factor Authentication Quick Tips Employer Employee Relationship Vendor Management Fiber-Optic Instant Messaging Managing Stress Safety Worker Printers Analysis Electronic Health Records Streaming Media Office VoIP Windows 10 Health Cables Proactive Save Time Insurance Automobile Managed Service Provider Virtual Private Network Content Filter Hacking Battery eCommerce Unified Communications Remote Monitoring and Maintenance Project Management Regulation Employee/Employer Relationship Storage GDPR Education Consultation Assessment Thank You Line of Business Utility Computing Twitter E-Commerce Students Television Computer Accessories Business Technology Congratulations

Latest News & Events

Alternative IT Solutions is proud to announce the launch of our new website at https://www.alternative-IT.co.uk. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our ser...

Contact Us

Learn more about what Alternative IT Solutions can do for your business.

Call Us Today
Call us today
(0)20 8498 4300

Avocet House, Trinity Park, Trinity Way
London, England E4 8TD