
Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

What is a Router Botnet? Find Out Today!

Ordinarily, one of the best ways to protect your organization’s infrastructure is to apply patches to the software you use as soon as possible after they’ve been released. However, patches don’t help against threats that haven’t been discovered at the moment the patches are released. The recent spread of the BCMUPnP_Hunter botnet shows that it’s not enough for people to keep patching their systems.

Threat Background
This botnet was initially discovered in September. Since then, it has infected devices to support a huge spam email campaign. BCMUPnP_Hunter is able to zero in on victims by scanning for potential targets, such as routers with the Broadcom Universal Plug and Play (UPnP) feature enabled. The attacker can then take over the device.

It is assumed that the network built by BCMUPnP_Hunter was created to send out spam emails. The threat creates a proxy that communicates with email servers, allowing attackers to use botnets to generate profit through fraudulent clicks. What’s more, the malware seems to have been created by someone with a considerable amount of skill. To make things worse, BCMUPnP_Hunter also appears to scan from over 100,000 sources, making this botnet quite large.

How Does This Prove That Patches Aren’t Working?
In order for BCMUPnP_Hunter to work as intended, it must target devices that have Broadcom UPnP enabled so that it can take advantage of a vulnerability. This vulnerability has been patched since 2013, when it was first discovered, meaning that most manufacturers have issued a patch since then. Therefore, the majority of devices being used by this threat are those that haven’t been patched for one reason or another.

The Lesson Learned
A simple lesson can be learned here: any equipment on your infrastructure that’s not maintained could be putting your business at risk. Maintaining it includes making sure that you implement patches and security updates as soon as they are released. Of course, they aren’t always broadcast to the public--after all, who would want to admit that the product they have created is vulnerable to attack, and that the vulnerability is being exploited? As a business owner, it’s your responsibility to keep up with the latest threats.

Granted, not all business owners have the time or luxury to focus on something like this. For those who want to minimize the threat posed by vulnerabilities, give the IT professionals at Total Tech Care a call at 866-348-2602.
