k_Street Consulting, LLC Blog

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at k_Street Consulting, LLC a call at (202) 640-2737.

The Pros and Cons of Automating Business Processes
Tip of the Week: Improve Your Business’ Wi-Fi
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, August 25 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Cybersecurity Cache Consultant LinkedIn IT solutions Business Management Cortana Backup Data loss Administrator Battery Current Events Business Computing Hacker Servers Budget Domains Content Filtering Employee Smartphones Screen Mirroring Office Tips Lifestyle Worker Commute Google Line of Business Collaboration Shortcuts Internet Social Networking Cabling Cloud Hypervisor Tech Support Server Tablet Logistics Software as a Service Internet Exlporer Colocation Digital Signature Cables Pain Points Healthcare End of Support Fiber-Optic Printer Data Security Camera Electronic Health Records Browser Knowledge Scalability Wearable Technology Tech Term Remote Maintenance Google Drive Hardware Administration Theft How to Facebook User Tips Search Engine Database Quick Tips Safety Password Manager SharePoint Books HaaS Evernote Encryption Data Breach Automation Advertising Applications Skype YouTube Content Management IT Infrastructure HBO Virtual Machine Hring/Firing Shadow IT Millennials Regulation Loyalty Windows 10 Managed IT Services Smart Technology Google Apps Save Time Worker Television Data Warehousing Telephone System Mobile Device Net Neutrality Students Computers Computer Accessories PowerPoint Frequently Asked Questions DDoS Computing Infrastructure Help Desk IT Solutions Google Docs Emails History Saving Time Assessment Customers Managed Service Biometrics User Error Root Cause Analysis IBM Proactive Maintenance Managed Services Provider Environment Point of Sale BDR NIST Gmail Phishing Connectivity Security Ransomware Relocation IT Support Content Filter Best Practice Operating System Wireless WIndows 7 Workforce Cleaning VoIP Bloatware Software Tips Internet of Things Mobile Hybrid Cloud Solid State Drive eWaste CrashOverride Sync Touchscreen Router Recovery 5G IoT Employee/Employer Relationship Password Remote Monitoring and Maintenance Congratulations Conferencing Streaming Media Flash Tip of the week Video Games Best Practices Digital Signage Flexibility Android Webinar Social Media Shortcut Product Reviews Alert Chrome Productivity Politics File Versioning Backup and Disaster Recovery Information Unified Communications Analytic Human Resources Manufacturing Storage Tools Customer Relationship Management Rootkit Virtual Assistant Touchpad Value Workplace Tips Intranet Analysis Distribution Apple Transportation Networking Financial IT Plan Charger Statistics Multi-Factor Security User Managed IT Services Emergency Data Management Azure Business Mangement Going Green Troubleshooting Notifications Memory Fraud Mobility Windows 8 Cryptocurrency Company Culture Remote Monitoring analytics Hard Drives Business Continuity Social Engineering Leadership Personal Information Music Hackers Big data Cameras Meetings Compliance Accountants Amazon Business Technology Outlook Smartwatch Online Shopping Website Office Data Recovery ROI Cost Management Digital Payment Vendor Enterprise Content Management GDPR Blockchain Data storage HVAC Antivirus Public Cloud Bing Best Available Maintenance Display Private Cloud Practices Credit Cards iphone Read Customer Service Data Storage Internet exploMicrosoft Robot Security Cameras IT Services VPN Hacking Recycling Application Reputation Professional Services travel Augmented Reality Electronic Medical Records Search Online Currency Infrastructure Comparison Network Congestion Hosted Computing Efficiency Twitter HIPAA Files Social Telephone Systems Inventory Amazon Web Services Law Enforcement Downtime Communication IT Support Hard Drive Mobile Devices Network Security Machine Learning Smartphone Regulations Wire Supercomputer Distributed Denial of Service Windows 10s Holiday Laptop Virus Document Management Unified Threat Management Employer Employee Relationship Audiobook Fax Server Information Technology Sports Utility Computing Devices Wireless Internet Techology Business Owner Specifications Paperless Office People Retail Bluetooth Patch Management Two Factor Authentication Virtual Private Network Trending Strategy Science Telephony Phone System Identity Theft Government Cybercrime Mobile Device Management Audit Instant Messaging The Internet of Things Software Work/Life Balance Keyboard Entertainment Experience malware Multiple Versions SaaS Data Insurance Smart Tech Access Control Virtual Reality Office 365 File Sharing Mobile Office Lithium-ion battery Virtualization Computer Cast Voice over Internet Protocol Update Microchip Mobile Computing Word Microsoft Innovation NarrowBand Legal Public Computer Training Remote Work Productivity Risk Management Gaming Console Cryptomining Proactive Chromecast Windows 7 webinar Managed Service Provider PDF communications Virtual Desktop Project Management Microsoft Office Small Business Vendor Management Physical Security Hosted Solution Outsourced IT Managing Stress Staff FENG Windows Server 2008 Upgrade Hosted Solutions Google Search Warranty Tip of the Week Windows 10 Safe Mode Smart Office Thank You Workers How To Tablets Bandwidth Remote Worker Password Management IT Management Computer Care Disaster Recovery Data Protection Entrepreneur Uninterrupted Power Supply Users Passwords Netflix Botnet eCommerce IT Consultant Health Content Cloud Computing ISP Scam BYOD Vulnerability IaaS Running Cable Save Money Smart Devices Email Data Backup Spam Blocking Start Menu Firewall Proactive IT Business E-Commerce Automobile Network Programming Bring Your Own Device MSP Processor Marketing Samsung Wireless Charging Business Intelligence Apps CES Excel Investment avoiding downtime WiFi RMM Archive App Monitor Humor Remote Computing Education Printer Server Wi-Fi Analyitcs Default App Employer-Employee Relationship OneNote Computer Fan OLED Gadgets Criminal Windows Server 2008 R2 USB Wireless Technology Nanotechnology Operating Systems Black Market Spam Privacy IT service Thought Leadership Addiction Restore Data Hiring/Firing Technology Artificial Intelligence Telecommuting Computer Repair Miscellaneous Windows Media Player Authentication Redundancy Mouse Windows Benefits Managed IT Wiring Procurement Unsupported Software Biometric Security Two-factor Authentication Money Settings Printers Saving Money

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *