window._mfq = window._mfq || []; (function() { var mf = document.createElement("script"); mf.type = "text/javascript"; mf.async = true; mf.src = "//cdn.mouseflow.com/projects/0148bb62-7ff8-46ae-a466-bf3fd13c7d09.js"; document.getElementsByTagName("head")[0].appendChild(mf); })();
407-478-6600    Get SUPPORT

TaylorWorks Blog

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at TaylorWorks a call at 407-478-6600.

The Pros and Cons of Automating Business Processes
Tip of the Week: Improve Your Business’ Wi-Fi
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, January 16 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Tag Cloud

Tip of the Week Security Technology Cloud Network Security Best Practices Business Computing Privacy Data Backup Managed IT Services Hackers Hosted Solutions Malware Data Recovery VoIP Mobile Devices Email Data Google Outsourced IT Innovation User Tips Tech Term Internet Microsoft Internet of Things Backup Cloud Computing Business Continuity Hardware Software Saving Money Business BDR Communications IT Services Efficiency Cybersecurity Communication Ransomware Managed IT Services Smartphone IT Support Smartphones Cybercrime Router Productivity Artificial Intelligence Android Small Business Windows 10 Browser Chrome Network Applications Disaster Recovery Workplace Tips IT Support Business Management Gadgets Phishing How To Law Enforcement Managed IT Computer Blockchain Access Control Data Security Virtualization Holiday Information Data Protection Server Office 365 Mobility Money Mobile Device Collaboration Windows BYOD Spam Mobile Device Management Word Two-factor Authentication Save Money Business Intelligence Computers Avoiding Downtime App Remote Monitoring Apps Facebook Productivity IT Management Telephone Systems Analysis Redundancy Vulnerability Settings Voice over Internet Protocol Training Miscellaneous Document Management Upgrade Managed Service Software as a Service Social Media Alert Compliance Connectivity Identity Theft Firewall Automation Social Engineering Wi-Fi Encryption Servers Machine Learning Passwords Bandwidth Proactive IT Google Drive Fraud Paperless Office Hacker Data loss Networking Flexibility Mobile Computing Budget Unified Threat Management Smart Tech Solid State Drive Microsoft Office Password Google Docs Workers Information Technology Business Owner Human Resources Private Cloud Education Bring Your Own Device Big Data Website Infrastructure IT Plan OneNote Keyboard VPN Windows 7 Comparison Work/Life Balance Data Breach Unsupported Software Telephony Data Storage CES Sports Virtual Assistant Spam Blocking File Sharing Update Credit Cards Scam Content Management Telephone System Value Operating System Botnet Employer-Employee Relationship Theft Data Warehousing Thought Leadership FENG WiFi HIPAA Search Engine Strategy Flash YouTube Worker Commute Line of Business Printer Leadership Tip of the week Marketing Workforce Battery Windows 10s Travel The Internet of Things Legal Entertainment Camera Recycling Cache USB Vendor Netflix Mobile NIST MSP Google Apps Streaming Media Remote Computing Bing Hard Drives Amazon Mouse Windows Server 2008 Students Telecommuting SaaS Screen Mirroring Authentication eWaste Current Events Computing Infrastructure HBO Wireless Internet Users Recovery Display Cleaning Insurance Professional Services Cryptocurrency Data Management Remote Worker Content Filter Help Desk Sync Amazon Web Services Administrator Staff webinar Public Cloud Healthcare Remote Work Fiber-Optic Cast Nanotechnology Audit Virtual Private Network Criminal Knowledge Outlook Wire Business Technology Security Cameras Computer Care Cortana Practices Tools Safe Mode Wiring Password Manager Storage Multi-Factor Security Shortcuts Accountants Emails HVAC Online Shopping Wireless Save Time Government Windows 10 Risk Management Microchip Managed Service Provider Digital Signature Conferencing Regulations Electronic Health Records Patch Management Proactive Cables Project Management Network Congestion End of Support Frequently Asked Questions Specifications Samsung Root Cause Analysis Hosted Computing GDPR Business Mangement Software Tips Downtime Trending eCommerce Charger Skype Enterprise Content Management Evernote Unified Communications Health Devices Computer Fan Office Tips PDF Virtual Reality Remote Monitoring and Maintenance Warranty Electronic Medical Records IT Consultant Excel Smart Office Millennials Black Market Content Filtering Technology Tips Meetings Inventory Augmented Reality E-Commerce Gmail Physical Security Addiction HaaS Lifestyle Instant Messaging Social IoT Start Menu Password Management Wireless Technology Wireless Charging Hacking Public Computer Files IBM Video Games Worker Safety Transportation Advertising Books Regulation Loyalty Office Colocation How to Automobile History Customer Relationship Management Rootkit Company Culture Competition Benefits Best Practice Employer Employee Relationship Search IP Address Relocation Printers Troubleshooting Techology Customer Service Scalability Managing Stress Smart Technology Computer Accessories Mobile Office Emergency Humor Two Factor Authentication Internet Exlporer Shadow IT Hosted Solution Domains User Error CrashOverride Experience Vendor Management Bluetooth Hybrid Cloud Assessment Employee/Employer Relationship Public Speaking Content Twitter Music Hiring/Firing Webinar Presentation Television Politics Utility Computing Lithium-ion battery Fun Internet exploMicrosoft Smartwatch Quick Tips Audiobook Tech Support Wearable Technology IT solutions 5G

Mobile? Grab this Article!

QR-Code dieser Seite