As we were preparing to celebrate our 15-year anniversary, news broke that another large botnet is running around infecting home routers. This time it exploits an older vulnerability that should have been patched years ago:
BCMUPnP_Hunter finds its prey by scanning for vulnerable UPnP on TCP port 5431, followed by UDP port 1900 used by Broadcom’s implementation.
Home routers are a favorite vehicle for botnets because there are a bunch of them online and they are rarely updated or even thought of once they've been installed. Today's a good day to add “check on router” to your home maintenance checklist.
The news about BCMUPnP_Hunter caused me to wonder about botnets in general. How long have we been dealing with them, anyway? What was the first botnet? How did it work?