Michael Kahn

Business Solutions Group has been serving the Mt. Prospect area since 2009, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Spreading Botnet has Years-Old Flaw to Thank

When asked how one can prevent threats from attacking a business’ infrastructure, one of the first answers that we’d give is to ensure that all patches have been applied. Doing so will help to stop an attack from infecting your systems, if a patch has been successfully developed. Unfortunately, the recent spread of the BCMUPnP_Hunter botnet is evidence that not enough people are appropriately patching their systems.

Threat Background
This botnet was first spotted in September and has been infecting devices to help support a massive spam email campaign. By scanning for potential targets - routers with the Broadcom Universal Plug and Play (UPnP) feature enabled - BCMUPnP_Hunter is able to effectively zero in on its victims and infect them. From there, the systems can be taken over by the hacker.

In this case, it has been surmised that the network created by BCMUPnP_Hunter is intended to send out spam emails, as it creates a proxy that communicates with popular email servers. Attackers can also use botnets to turn an ill-gotten profit through fraudulent clicks. It has also become apparent that the person who created this malware has considerable skills.

BCMUPnP_Hunter appears to scan from over 100,000 sources, making this botnet a considerably large one.

How This Proves that Patches Aren’t Being Added
In order to accomplish its goal, BCMUPnP_Hunter relies on the target device having Broadcom UPnP enabled, as the botnet is leveraging a vulnerability in that particular feature to work.

The thing is, this vulnerability was discovered in 2013, and most manufacturers have long since released a patch for it. This would imply that the majority of devices infected by this threat are those that weren’t patched.

The Lesson
The lesson here is simple. Whether it’s for business or personal use, any equipment that is a part of your computing infrastructure needs to be maintained - and that includes applying patches promptly. Granted, patches aren’t always broadcast to the public, but that only means that users (especially in the business environment) need to check for them every now and then.

An IT provider like Business Solutions Group can help with that. We’ll monitor both your systems and these kinds of announcements, making sure that your business’ technology is prepared for the latest threats that emerge. Call 866.546.1004 for more information.

 
