Joined: 11 Apr 2010 Posts: 318 Location: San Francisco Bay Area
Posted: Tue Nov 13, 2018 18:14 Post subject: 100K Broadcom Router Botnet uses 5 year old UPnP Bug
From ARS Technica
Dubbed BCMUPnP_Hunter, a recently discovered botnet has taken control of an eye-popping 100,000 home and small-office routers made from 116 different types of devices from a diverse group of manufacturers including Broadcom, Asus, Cisco, TP-Link, Zyxel, D-Link, Netgear, and US Robotics mainly by exploiting a critical UPnP vulnerability that has remained unaddressed on infected devices more than five years after it came to light.