Contact us today!

Total Tech Care Blog

Total Tech Care has been serving the Oakland Park area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

What is a Router Botnet? Find Out Today!

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure any and all patches administered to the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that aren’t discovered at the moment they are released. The recent spread of BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero-in on victims thanks to its ability to scan for potential targets, like routers with the BroadCom University Plug and Play feature enabled. The system can then be taken over by the hacker.

It is assumed that the network created by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more is that the malware seems to have been created by someone who has a considerable amount of skill. To make things worse is that BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have BroadcomUPnP enabled to take advantage of a vulnerability. The thing is that this vulnerability has been patched since 2013 when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for some reason or another.

The Lesson Learned
A simple lesson can be learned here. It goes to show that any equipment on your infrastructure that’s not maintained could be putting your business at risk. This includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Total Tech Care a call at 866-348-2602.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Thursday, 24 January 2019
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation

      Tag Cloud

      Security Tip of the Week Technology Best Practices Cloud Privacy Hackers Hosted Solutions Backup Business Computing Google Malware Business Microsoft Network Security Mobile Devices Internet Software Innovation Productivity Data Efficiency Disaster Recovery Business Continuity Workplace Tips User Tips Email IT Services VoIP Browser Hardware Smartphones Windows 10 Computer Smartphone communications Miscellaneous Android Network Tech Term Server Chrome Outsourced IT Office Business Management Upgrade Save Money Virtualization Computers Managed IT Services Data Backup Cybercrime IT Support Communication Hacking Windows Holiday Productivity Managed Service Provider Cloud Computing Telephone Systems Microsoft Office Automation Social Media Data Recovery Ransomware Alert Social Engineering Mobility Router Managed IT Services Recovery Employer-Employee Relationship Internet of Things Small Business Mobile Device Management Artificial Intelligence Money Office 365 Passwords App Operating System Facebook Applications Cybersecurity Collaboration Law Enforcement Mobile Computing Windows 10 BYOD Application Saving Money Quick Tips Office Tips Information Technology IT Support VPN Marketing BDR Health Spam Bandwidth Remote Monitoring How To Wi-Fi Networking Password Information Word Big Data Mobile Device Google Drive Gmail Flexibility Settings Avoiding Downtime IT solutions Two-factor Authentication Entertainment Private Cloud Remote Computing Website Budget Gadgets Mouse HaaS Managed IT Bring Your Own Device Data Management Work/Life Balance Apps Phishing Hacker Managed Service Encryption History Training Safety The Internet of Things Vulnerability Connectivity Lithium-ion battery Sports Redundancy Keyboard Scam Data Breach WiFi Human Resources Firewall Voice over Internet Protocol USB Data Security Data Protection User Error Cleaning Spam Blocking Access Control Electronic Medical Records Meetings Comparison Instant Messaging Excel Paperless Office Wearable Technology Robot Content Management Battery Hiring/Firing Biometrics Machine Learning End of Support Shadow IT Legal Blockchain Physical Security Risk Management Botnet Data Storage Internet Exlporer Wireless Virus Business Intelligence HIPAA PDF DDoS Patch Management Windows 7 Worker Unified Threat Management Computer Accessories IT Management Update Environment Servers Government Best Practice Software as a Service IT Plan Infrastructure YouTube Fax Server Black Market Google Docs Identity Theft Printer Unsupported Software Bluetooth Virtual Reality Document Management Charger Solid State Drive SaaS Wireless Technology Downtime Network Congestion Telephony OneNote Save Time Computer Care Apple Fraud Social Data storage IT Consultant Automobile Samsung eWaste Virtual Assistant Humor Value Computing Infrastructure Retail Hard Drives Telephone System CES Reputation Streaming Media Tools Search Engine Screen Mirroring Content Loyalty Online Shopping Tech Support Consultant Troubleshooting Laptop Memory Analytics Frequently Asked Questions Techology Windows 10s Authentication Customers Specifications Bing Cast Audiobook Running Cable Evernote Virtual Desktop Best Available Books Touchpad WIndows 7 Tip of the week webinar Public Cloud Education Nanotechnology Employer Employee Relationship Millennials Help Desk Science Politics HVAC Assessment Advertising Wireless Charging Emergency Windows Server 2008 MSP Conferencing Staff Workforce Notifications Travel Shortcuts Enterprise Content Management Television Cortana Customer Relationship Management User Analyitcs PowerPoint Windows Media Player Augmented Reality Digital Signature Audit Users Devices Relocation SharePoint Telecommuting Programming Vendor Password Management Public Computer Distributed Denial of Service Google Apps Proactive IT Customer Service Managing Stress Remote Worker Video Games Accountants Display Computer Fan Worker Commute Thought Leadership Rootkit Remote Work Windows 8 Cameras NIST Transportation IT service Flash Wiring Workers Scalability Security Cameras FENG Business Owner Addiction Vendor Management Antivirus Tablet Cryptocurrency IBM Password Manager NarrowBand Smart Tech Benefits Domains Sync Camera Search Smartwatch Cache iPhone Credit Cards Printer Server Software Tips Safe Mode Supercomputer Business Mangement Maintenance Practices Smart Technology Multi-Factor Security Bloatware Warranty Emails How to Wireless Internet Files Tablets File Sharing Current Events IaaS Recycling Chromecast Hosted Computing Two Factor Authentication People Trending Entrepreneur Skype Administrator Netflix Root Cause Analysis Wire Colocation Amazon Uninterrupted Power Supply HBO Knowledge Criminal Experience Shortcut Inventory Monitor Mobile Office Cost Management Start Menu Microchip Data loss Smart Office Amazon Web Services Social Networking Music Going Green Outlook Leadership

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...