
Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

What is a Router Botnet? Find Out Today!


Ordinarily, one of the best ways to protect your organization’s infrastructure is to apply patches to the software you use as soon as possible after they’re released. However, patches don’t help against threats that haven’t been discovered at the time the patches are released. The recent spread of the BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero in on victims thanks to its ability to scan for potential targets, like routers with the Broadcom Universal Plug and Play (UPnP) feature enabled. The system can then be taken over by the hacker.

It is assumed that the network built by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more, the malware seems to have been created by someone with a considerable amount of skill. To make things worse, BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have Broadcom UPnP enabled to take advantage of a vulnerability. This vulnerability has been patched since 2013, when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for one reason or another.

The Lesson Learned
A simple lesson can be learned here: any equipment on your infrastructure that’s not maintained could be putting your business at risk. Maintaining it includes making sure that you implement patches and security updates as soon as they are released. Of course, these updates aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Total Tech Care a call at 866-348-2602.

 
