UPnP

Pierluigi Paganini January 31, 2022
Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP

A hacking campaign, tracked as Eternal Silence, is abusing UPnP to compromise routers and use them to carry out malicious activities. Researchers from Akamai have spotted a malicious campaign, tracked as ‘Eternal Silence,’ that is abusing Universal Plug and Play (UPnP) to turn routers into a proxy server used to carry out a broad range […]

Pierluigi Paganini December 01, 2018
ETERNALSILENCE – 270K+ devices vulnerable to UPnProxy Botnet build using NSA hacking tools

Over 270,000 connected devices run vulnerable implementations of UPnP, threat actors are attempting to recruit them in a multi-purpose botnet. In April, Akamai reported that threat actors compromised 65,000 home routers by exploiting vulnerabilities in Universal Plug’N’Play (UPnP), experts tracked the botnet as UPnProxy.  Now the company provided an update to its initial analysis revealing […]

Pierluigi Paganini April 13, 2018
Experts uncovered a proxy botnet composed of over 65,000 routers exposed via UPnP protocol

Security researchers at Akamai have discovered a proxy botnet composed of more than 65,000 routers exposed to the Internet via the Universal Plug and Play (UPnP) protocol. Crooks have compromised the devices of this multi-purpose proxy botnet to conduct a wide range of malicious activities, including spamming and phishing, click fraud, account takeover and credit card […]

Pierluigi Paganini June 19, 2017
Pinkslipbot banking Trojan exploiting infected machines as control servers

Pinkslipbot banking Trojan is a banking Trojan that uses a complicated multistage proxy for HTTPS-based control server communication. Security researchers at McAfee Labs have spotted a new strain of the Pinkslipbot banking malware (also known as QakBot/QBot) that leverages UPnP to open ports, allowing incoming connections from anyone on the Internet to communicate with the infected […]