Skip to main content

Hacker infects 100K routers in latest botnet attack aimed at sending email spam

Linksys WRT3200 ACM router review
Bill Roberson/Digital Trends

A hacker managed to exploit a five-year-old vulnerability in home routers to create a botnet affecting approximately 100,000 home routers. The botnet was initially discovered in September by researchers from the Netlab team at Qihoo 360, a Chinese internet security company, and it’s likely that the hacker is leveraging this network of compromised routers to send spam emails.

The botnet was built on a 2013 vulnerability on Broadcom’s UPnP SDK. This SDK, which is used on numerous routers, allows an attacker to conduct a remote attack and execute malicious code without requiring any authentication. “It’s the worse kind of vulnerability that exists in the world of Internet-connected devices,” ZDNet reported.

Recommended Videos

Though this latest botnet, which is known as BCMUPnP_Hunter, isn’t the first to exploit this vulnerability, it is the first to use what appears to be new source code to infect routers. Most Internet of Things botnets today use code that has been leaked online to carry out their attacks, but researchers claim that they have not seen similar code to that used on BCMUPnP_Hunter, suggesting that the hacker is authoring new code for the attack. Prior to BCMUPnP_Hunter, a widely reported Russian malware had infected routers worldwide, prompting the FBI to issue a warning to consumers to reset their routers.

Please enable Javascript to view this content

In carrying out the attack, Netlab security researcher Hui Wang said in a blog post that the bot “has to go through multiple steps to infect a potential target.”

A proxy is able to communicate with popular mail servers, such as Outlook, Hotmail, and Yahoo! Mail. Because of this, Wang’s team believes that the attacker is using the botnet to send out spam. Additionally, the number of affected routers has steadily grown in the past few months, with a potential to infect 400,000 routers. “Altogether,we have 3.37 million unique scan source IPs,” Wang said. “It is a big number, but it is likely that the IPs of the same infected devices just changed over time.”

BCMUPnP_Hunter affects routers worldwide with Broadcom’s UPnP feature enabled, but India, China, and the U.S. are among the largest targets. A fix hasn’t been reported yet to combat this latest botnet infection.

Chuong Nguyen
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…
Is Windows 11 acting up for you? This might be why
The Surface Pro 11 on a white table in front of a window.

This year's big Windows 11 update, 24H2, started a phased rollout in October and just became available to more PCs yesterday, December 4, as spotted by Windows Latest. To check if your PC is ready for it, just head to the settings page and check for updates -- if an update is not there for download yet, you'll have to wait until later in the rollout process.

Getting new things first isn't always a good thing when it comes to software, however. It can take quite a while for a new Windows build to be announced as "stable," and 24H2 is far from earning that title at the moment.

Read more
Microsoft’s Copilot Vision arrives to surf the web with select users
The Copilot logo

Microsoft's new Copilot Vision feature that can “see what you see, and hear what you hear” while you navigate the internet is finally being made available, though only to a limited number of Copilot Pro subscribers in the U.S.

"Starting today, we are introducing an experience where – with your permission – Copilot can now understand the full context of what you’re doing online," according to a Microsoft blog post. "When you choose to enable Copilot Vision, it sees the page you're on, it reads along with you, and you can talk through the problem you're facing together."

Read more
This HP Envy 2-in-1 is $300 off and has a gorgeous 16-inch 2K screen
The HP Envy x360 2-in-1 laptop on a white background.

Best Buy continues to offer some fantastic laptop deals with a huge $300 off the HP Envy 2-in-1 16-inch 2K Touchscreen laptop. It normally costs $900 but right now, you can buy it for just $600 which is a fantastic price for a laptop with such a good screen. It’d make the perfect gift for someone but also it’s simply a good laptop for all your working needs. Here’s a quick overview of what it has to offer.

Why you should buy the HP Envy 2-in-1 laptop
HP is one of the best laptop brands around and it has a particular penchant for making some of the best 2-in-1 laptops. With this HP Envy 2-in-1 laptop, you get some great hardware. It has an Intel Core Ultra 5 CPU, 16GB of RAM, and 512GB of SSD storage. For this price, you can’t really go wrong with these specs.

Read more