Home

About Us

IT Services

Understanding IT

News & Events

Blog

Support

Contact Us

Blog
  • Register

Alternative IT Solutions Blog

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Alternative IT Solutions a call at (0)20 8498 4300.

The Pros and Cons of Automating Business Processes
Tip of the Week: Improve Your Business’ Wi-Fi
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, June 27, 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Cloud Privacy Network Security Productivity Email Hosted Solutions User Tips Google Data Backup Hackers Data Internet Malware IT Support Efficiency Innovation Tech Term Mobile Devices Microsoft Cloud Computing Managed IT Services Data Recovery Communications VoIp Workplace Tips Hardware Software Outsourced IT Communication Small Business Network Smartphone Smartphones Managed IT Services Business IT Services Android Windows 10 Business Management Backup Mobile Device Gadgets Internet of Things Server Business Continuity Phishing BDR Saving Money Artificial Intelligence Chrome Browser Cybersecurity Router Alert Cybercrime Ransomware Spam Users How To Information Windows Collaboration Applications Social Media Disaster Recovery Holiday Two-factor Authentication BYOD Miscellaneous Word Data Protection Mobile Device Management Data Security Computers Computer Office 365 Remote Monitoring Money Vulnerability Identity Theft Operating System Social Engineering Staff Facebook Paperless Office Managed IT IT Management Business Intelligence Save Money Software as a Service Servers Telephone Systems Private Cloud Settings Connectivity Training Upgrade Encryption Wi-Fi Managed Service Voice over Internet Protocol Human Resources Sports Update App Infrastructure Access Control Data Storage Virtual Assistant Display Passwords Augmented Reality Microsoft Office Meetings Mobile Computing Proactive IT Networking CES OneNote Apps Budget Bring Your Own Device Password Spam Blocking Telephone System Content Management Mobility Data Breach Value Cryptocurrency Work/Life Balance Credit Cards VPN Telephony Google Docs Blockchain Keyboard Automation Compliance Firewall Fraud Machine Learning Redundancy Document Management Botnet Education Website Workers Google Drive Comparison Law Enforcement Scam IT Plan Unsupported Software Virtualization Government Employer-Employee Relationship Windows 7 Avoiding Downtime The Internet of Things Software Tips Camera Cables Netflix OLED Start Menu Millennials Recovery Database Online Shopping Smart Tech Patch Management Samsung NIST Bing Regulations Electronic Medical Records Digital Signage IT Consultant Frequently Asked Questions Mouse IT Infrastructure Recycling SaaS Smart Office Black Market Hiring/Firing Biometric Security WiFi Bandwidth Virtual Reality Authentication Security Cameras Tools Workforce Cache Solid State Drive Remote Worker Evernote HVAC Flash Shortcuts Flexibility IBM Google Search Mobile Entertainment Downtime Excel Cleaning Administrator Multi-Factor Security Investment eWaste Windows 10s Current Events Digital Signature Physical Security Wireless Theft Cabling Password Manager Nanotechnology Hacker Wireless Internet Audit IT Support Wiring webinar Practices Data loss Safe Mode Supercomputer Net Neutrality Professional Services Accountants Root Cause Analysis Tip of the week Computer Care Microchip Trending ROI Risk Management Quick Tips Knowledge PDF Health 5G Cortana Default App Big Data HIPAA USB Data Warehousing Save Time Wireless Charging Conferencing Hosted Computing Screen Mirroring File Sharing Social Skype Unified Threat Management Help Desk ISP Amazon Office Tips Leadership YouTube Windows Server 2008 Enterprise Content Management Sync Content Filtering Legal Public Cloud Smartwatch Travel Telecommuting Network Congestion FENG HBO Warranty Google Apps Business Mangement Devices Marketing Data Management Wire Computer Fan Manufacturing Inventory Cast Business Technology Vendor Specifications MSP Cryptomining Amazon Web Services Password Management Search Engine Information Technology Lifestyle Criminal Addiction Employee Remote Work HaaS Outlook Charger Printer Gmail Thought Leadership Remote Computing Thank You Managing Stress Instant Messaging Assessment Analysis Electronic Health Records Computer Accessories Streaming Media Printers Unified Communications Congratulations Bata Backup Rootkit Analytics Insurance Business Owner Proactive Television Bluetooth Content Filter Employer Employee Relationship Vendor Management Virtual Private Network Two Factor Authentication Distribution eCommerce Worker Remote Monitoring and Maintenance Public Computer Loyalty Storage VoIP Project Management Office Regulation Employee/Employer Relationship GDPR Logistics Safety Managed Service Provider Line of Business Utility Computing Twitter Windows 10 Students Hacking Battery Proactive Maintenance E-Commerce Fiber-Optic Automobile Consultation IoT Company Culture Strategy Healthcare Remote Maintenance

Latest News & Events

Alternative IT Solutions is proud to announce the launch of our new website at https://www.alternative-IT.co.uk. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our ser...

Contact Us

Learn more about what Alternative IT Solutions can do for your business.

Call Us Today
Call us today
(0)20 8498 4300

Avocet House, Trinity Park, Trinity Way
London, England E4 8TD