CySecurity News – Latest Information Security and Hacking Incidents
‘Eternal Silence,’ a malicious campaign, is exploiting Universal Plug and Play (UPnP), which switches the router into a proxy server used to execute nefarious assaults while obscuring the threat actors’ location.
UPnP is a connection protocol that enables additional devices on a network to establish port forwarding rules on a router automatically and is optionally available in most modern routers. This allows remote devices to use a certain software function or device as needed, with minimal user configuration.
However, it is another technology that compromises security for convenience, particularly when the UPnP implementation is subject to attacks that enable remote attackers to add UPnP port-forwarding entries over a device’s exposed WAN connection.
Akamai researchers discovered attackers exploiting this flaw to build proxies that conceal their harmful operations and termed the attack UPnProxy.
277,000 of the 3,500,000 UPnP routers detected online are vulnerable to UPnProxy, with 45,113 already infected by hackers.
Analysts at Akamai believe the perpetrators are attempting to exploit EternalBlue (CVE-2017-0144) and EternalRed (CVE-2017-7494) on unpatched Windows and Linux systems, respectively.
Exploiting these holes can result
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: