Our Blog: Stuff we think you should know

Spreading Botnet has Years-Old Flaw to Thank

Spreading Botnet has Years-Old Flaw to Thank

When asked how one can prevent threats from attacking a business’ infrastructure, one of the first answers that we’d give is to ensure that all patches have been applied. Doing so will help to stop an attack from infecting your systems, if a patch has been successfully developed. Unfortunately, the recent spread of the BCMUPnP_Hunter botnet is evidence that not enough people are appropriately patching their systems.

Threat Background
This botnet was first spotted in September and has been infecting devices to help support a massive spam email campaign. By scanning for potential targets - routers with the BroadCom Universal Plug and Play (UPnP) feature enabled - BCMUPnP_Hunter is able to effectively zero-in on its victims and infect them. From there, the systems can then be taken over by the hacker.

In this case, it has been surmised that the network created by BCMUPnP_Hunter is intended to send out spam emails, as it creates a proxy that communicates with popular email servers. Attackers can also use botnets to generate an ill-gotten profit by generating fraudulent clicks. It has also become apparent that the person who created this malware has considerable skills.

BCMUPnP_Hunter appears to scan from over 100,000 sources, making this botnet a considerably large one.

How This Proves that Patches Aren’t Being Added
In order to accomplish its goal, BCMUPnP_Hunter relies on the target device having Broadcom UPnP enabled, as the botnet is leveraging a vulnerability in that particular feature to work.

The thing is, this vulnerability was discovered in 2013, and most manufacturers have long since released a patch for it. This would imply that the majority of devices infected by this threat are those that weren’t patched.

The Lesson
The lesson here is simple. Whether it’s for business or personal use, any equipment that is a part of your computing infrastructure needs to be maintained - and that includes applying patches promptly. Granted, they aren’t always broadcast to the public, but that only means that users (especially in the business environment) need to check every now and then.

An IT provider like Haber Group can help with that. We’ll monitor both your systems and these kinds of announcements, making sure that your business’ technology is prepared for the latest threats that emerge. Call 866.625.3560 for more information.

Powerful Physical Security Options
Tip of the Week: Use These Practices to Boost Your...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Friday, April 26 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Cloud Email Privacy Business Hackers Malware User Tips Microsoft Computer Business Computing Internet Hosted Solutions Productivity Network Security Google Software Tech Term Communication Mobile Devices Efficiency IT Services Hardware Data Small Business Backup Workplace Tips Windows 10 Smartphone Ransomware Android IT Support Saving Money Productivity Microsoft Office Managed IT Services Cloud Computing Data Management Data Recovery Browser Business Continuity Managed IT Services Word Internet of Things Innovation Gmail Data Backup Windows Facebook Server Users Office 365 Upgrade Outsourced IT Phishing Social Media Smartphones Disaster Recovery Windows 10 Passwords App communications Mobile Device Employer-Employee Relationship Managed Service Provider VoIP Business Management Vulnerability Cybersecurity Encryption Network Chrome Artificial Intelligence Remote Monitoring Miscellaneous Managed Service Information Government Tip of the week Save Money BYOD Apple Office Tips Analytics Hacker IT Support Spam Content Filtering Website Applications Infrastructure Money Big Data Paperless Office Printing Employee-Employer Relationship IT Management Automation Education Risk Management Wireless Maintenance Firewall Tablet Customer Service Antivirus WiFi Avoiding Downtime Data storage The Internet of Things Settings Access Control Display Virtualization Two-factor Authentication Router Bandwidth Virtual Reality Robot YouTube Mobile Security Company Culture Touchscreen Operating System Search SaaS Apps End of Support Telephone Systems IBM Computing Google Drive Mobile Device Management Quick Tips Holiday Password Administration Hacking Unified Threat Management Customer Relationship Management Scam Development Mouse Vendor Management Wi-Fi LiFi Laptop Solid State Drive Chromebook Networking Presentation Computers Augmented Reality Storage Safety Document Management Retail Hard Disk Drive VPN Office Data Security Wireless Technology HIPAA Gadgets Downtime Recovery Data loss Business Technology Outlook Business Intelligence Hosted Solution Virtual Private Network Monitors Server Management Value Deep Learning Humor Security Cameras Sports Specifications Compliance Knowledge Mail Merge Hard Drives Recycling Human Error Mobile Office Unified Threat Management Downloads IT Technicians Hacks Students Disaster Shortcut Online IoT Superfish Cooperation Cryptocurrency MSP Scalability Statistics Break Fix Cookies Budget Spyware Hotspot Professional Services Remote Computing Bring Your Own Device sip Managing Stress Managed Services User Black Friday Regulations How To PowerPoint Experience Unified Communications Address Refrigeration eWaste Device Running Cable User Error Public Speaking Multi-Factor Security Mirgation Uninterrupted Power Supply Patch Management Microsoft Excel Star Wars Update Competition Staff Bitcoin Network Congestion Migration Virtual Desktop Bluetooth Dark Web Nanotechnology LED Language USB Best Practice telephony Cables Laptops Buisness Cyber Monday Social Networking Digital Payment Information Technology Onboarding Corporate Profile Google Docs Continuity Mobility Lithium-ion battery VoIP Google Calendar Chatbots Politics Writing Slack IT solutions Blockchain Cost Management Co-Managed IT How To Printer Wearable Technology Windows 8 Charging Net Neutrality Screen Reader Collaboration Smart Office Undo Computing Infrastructure Dongle Business Growth Wires Software as a Service 5G IT service Heating/Cooling Smart Technology Motherboard Google Wallet Digital Signage WannaCry Solar Print Toner Halloween Time Management Legislation Identity Tech Support Current Events Monitoring Cortana Marketing Permissions Assessment Work Content Firefox Computer Care Messaging Fun Cabling Application FCC Smart Tech File Sharing Legal Alerts Service Level Agreement Samsung Alt Codes Dark Data Voice over Internet Protocol Entertainment BDR Servers Distributed Denial of Service Drones Desktop Internet Exlporer Shortcuts Scary Stories Network Management Comparison Websites Identity Theft Going Green Social Engineering Spying Fraud Optimization Streaming IP Address Cybercrime Techology SharePoint Training Social Analysis Employee-Employer Relationships Managed IT Title II Connectivity Licensing G Suite Typing FinTech iOS Google Maps Managed IT Service Modem Automobile Troubleshooting Digital Lenovo Twitter Botnet Supercomputer Domains Gadget Staffing Motion Sickness Crowdsourcing Taxes Personal Information Administrator Mobile Data Printers Web Server Machine Learning IT Budget GPS CrashOverride IT Consultant Computer Repair Processors Cameras Relocation Meetings Tracking Mobile Computing Cleaning Windows 7 Health Physical Security Alert CCTV Private Cloud Upgrades Emergency Emoji Webcam Work/Life Balance Regulation Electronic Medical Records Error 3D Printing Black Market Point of Sale Law Enforcement Travel Notifications Unsupported Software