Total Tech Care Blog

Total Tech Care has been serving the Oakland Park area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to make sure that patches for the software you use are applied as soon as possible after they’ve been released. However, patches don’t help against threats that haven’t yet been discovered when those patches are released. The recent spread of the BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero in on victims by scanning for potential targets, such as routers with the Broadcom Universal Plug and Play (UPnP) feature enabled. A device found this way can then be taken over by the hacker.

It is assumed that the network built by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more, the malware seems to have been created by someone with a considerable amount of skill. To make things worse, BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have Broadcom UPnP enabled so that it can take advantage of a vulnerability. The thing is, this vulnerability has been patched since 2013, when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for one reason or another.

The Lesson Learned
A simple lesson can be learned here: any equipment on your infrastructure that’s not maintained could be putting your business at risk. Maintaining it includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public. After all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Total Tech Care a call at 866-348-2602.

 
