A fresh botnet is spreading across the landscape, targeting router equipment. So far, hundreds of thousands of bot endpoints have already been identified, and they’re apparently being marshaled to send out massive amounts of spam.
The botnet first emerged in September, according to 360Netlab telemetry, which dubbed it BCMUPnP_Hunter. It’s so-named because of its penchant for infecting routers that have the BroadCom Universal Plug and Play (UPnP) feature enabled. The botnet takes advantage of a known vulnerability in that feature, which was discovered in 2013.
Read more about the BCMUPnP_Hunter botnet on Threatpost.