Contact us today!

Total Tech Care Blog

Total Tech Care has been serving the Oakland Park area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Total Tech Care a call at 866-348-2602.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Wednesday, 19 June 2019
If you'd like to register, please fill in the username, password and name fields.

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation

      Tag Cloud

      Security Tip of the Week Technology Best Practices Cloud Privacy Hosted Solutions Business Computing Hackers Backup Business Google Microsoft Malware Network Security Internet Efficiency Email Mobile Devices Innovation Software Data Workplace Tips User Tips Productivity Productivity Business Continuity Disaster Recovery Hardware communications IT Services VoIP Browser Smartphones Smartphone Miscellaneous Network Windows 10 Android Computer Business Management Server Tech Term Office Upgrade Chrome Outsourced IT Cloud Computing Virtualization Computers Managed IT Services Communication Data Backup Save Money Cybercrime Windows Small Business Social Media Holiday IT Support Hacking Ransomware IT Support Data Recovery Telephone Systems Managed IT Services Automation Alert Windows 10 Managed Service Provider Microsoft Office Router Internet of Things BYOD Gadgets Mobile Device Management Artificial Intelligence Recovery Employer-Employee Relationship Collaboration Operating System Social Engineering Mobility Quick Tips Mobile Device Users Cybersecurity Office 365 Mobile Computing Law Enforcement App Facebook Application Saving Money Health Money Passwords Spam Remote Monitoring Applications Information Marketing BDR Office Tips Private Cloud Information Technology Bandwidth Wi-Fi VPN Networking Password How To Phishing Flexibility Avoiding Downtime IT solutions Entertainment Website Training Budget Gmail Managed IT HaaS Bring Your Own Device Settings Data Management Work/Life Balance Two-factor Authentication Remote Computing Big Data Encryption Mouse Google Drive Word User Error Keyboard Meetings Government Staff WiFi Vulnerability Managed Service Connectivity Hacker History Scam The Internet of Things Lithium-ion battery USB Wireless Data Breach Save Time Voice over Internet Protocol Cleaning Human Resources Apps Data Security Firewall Virtual Reality Data Protection Education Safety Sports Paperless Office Redundancy Unified Threat Management Proactive IT Retail Computer Accessories Machine Learning Hard Drives Instant Messaging Blockchain Botnet Data Storage Wearable Technology Best Practice Robot Excel YouTube Biometrics Black Market Business Intelligence Windows 7 Printer Patch Management Worker Update Bluetooth Risk Management IT Management Document Management Solid State Drive Servers Wireless Technology Augmented Reality Google Docs Software as a Service Downtime IT Plan DDoS Identity Theft Infrastructure IT Consultant Data storage Unsupported Software Display Automobile Cryptocurrency Environment Charger Humor Computing Infrastructure Fax Server Fraud Telephony Computer Care OneNote Samsung Battery End of Support SaaS Shadow IT Legal Network Congestion Apple Value Social Comparison Physical Security Internet Exlporer CES Spam Blocking Virtual Assistant Electronic Medical Records eWaste Access Control PDF Virus HIPAA Hiring/Firing Content Management Telephone System Cast OLED Search Engine Social Networking Authentication Millennials Relocation Tip of the week webinar Books Wireless Charging Employer Employee Relationship Video Games Managing Stress Public Cloud Cabling Bing Assessment Nanotechnology Worker Commute Workforce Windows Server 2008 Conferencing Cameras HVAC Emergency Memory Cables Scalability Travel Running Cable Default App Help Desk Television Virtual Desktop Business Owner Telecommuting NarrowBand Enterprise Content Management Cortana MSP Digital Signature Search Audit Google Search IT Infrastructure Shortcuts Public Computer Devices Science Remote Work iPhone Google Apps Printer Server Password Management Rootkit Accountants How to Computer Fan Net Neutrality Vendor Customer Relationship Management Thought Leadership Files Flash Chromecast Workers NIST Transportation Analyitcs Remote Worker Vendor Management Programming FENG SharePoint ISP Distributed Denial of Service Uninterrupted Power Supply IBM Customer Service Addiction Credit Cards Colocation Password Manager Sync Benefits Wiring Smart Tech Multi-Factor Security Monitor Cryptomining Software Tips Security Cameras Supercomputer Cache Windows 8 Business Mangement Going Green Emails IT service Safe Mode Smart Technology Streaming Media Camera Practices Trending Reputation Antivirus Database Consultant Tech Support Smartwatch Current Events Wireless Internet Tablet Content Amazon Recycling Techology Skype Laptop Netflix Domains Analytics File Sharing Two Factor Authentication Manufacturing Warranty Hosted Computing Customers Root Cause Analysis HBO Best Available Employee Knowledge Maintenance Wire Experience Audiobook Amazon Web Services Criminal Start Menu WIndows 7 Touchpad Business Technology Bloatware Biometric Security Administrator Inventory Data loss Advertising Outlook IaaS Digital Signage Leadership Smart Office Music Tablets Politics Online Shopping Entrepreneur Tools People Screen Mirroring 5G Notifications Microchip Loyalty Specifications Frequently Asked Questions Shortcut Troubleshooting Evernote Cost Management Windows Media Player User Windows 10s Mobile Office PowerPoint

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...