Home routers are affected by major UPnProxy security issues

Costea Lestoc By: Costea Lestoc
2 minute read

Home » News » Home routers are affected by major UPnProxy security issues

According to Akamai latest report, it looks like bad actors are abusing more than 65,000 routers to create proxy networks for secret or even illegal activities. Akamai is an American content delivery network and cloud service provider. The Universal Plus and Play protocol is abused by botnet operators and cyber-espionage groups. UPnP comes with all modern routers to, and the bad actors’ target is to proxy bad traffic and hide real location.

UPnP is targeted these days

The UPnP protocol is abused by attackers, and this is an essential feature because it makes it easier to interconnect local devices with Wi-Fi and forward ports and services to the web. The protocol is vital for modern routers, but its insecurity was proven more than ten years ago. Attackers have been abusing it ever since, and now it looks that there’s a brand new way in which they are doing this. Bad actors have discovered that particular routers expose the protocol’s services that are meant only for inter-device discovery.

The flaw’s codename is UPnProxy

Attackers have been abusing these routers to inject malware into their Network Address Translation tables. The flaw allows attackers to use routers with misconfigured UPnP services as proxy services for their own secret and illegal operations. The weakness is significant because cybercriminals can login into routers that expose their backend on the web.

Hackers can exploit it to bypass firewalls and access IP addresses to bounce traffic to other IP addresses. This can be used to mask the real locations of phishing pages, spam campaigns, advertising click fraud and more similar “goodies.”


In case you want to be secure while surfing the internet, you will need to get a full-dedicated tool to secure your network.  Install now Cyberghost VPN and secure yourself. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access.


Akamai’s findings and solutions

The number or vulnerable routers that Akamai detected is around 4.8 million and experts have discovered active NAT injections on more than 65,000 devices. Akamai also created a list of 400 router models made by 73 vendors that are currently vulnerable. Users are advised to replace their routers with models that don’t have the vulnerability. Akamai also released a Bash script that has the ability to identify vulnerable routers.

RELATED STORIES TO CHECK OUT:

Discussions

Next up

3 appointment scheduling software for salons to organize your work

Loredana Paraianu avatar. By: Loredana Paraianu
Less than a 1 minute read

Managing a wellness center, a beauty center, or a salon can be very stressful and demanding. This is especially true if you have always used […]

Continue Reading

6 best weekly planner software for an organized mind

Dominique Wilson avatar. By: Dominique Wilson
Less than a 1 minute read

To make the most of every day, you need to be organized. In this way, you will have almost everything under control. Using a schedule […]

Continue Reading

Here’s what to do if your home network won’t show up

Milan Stanojevic avatar. By: Milan Stanojevic
7 minute read

Most of us have a wireless connection in our home, but many users reported that their home network won’t show up in the list of […]

Continue Reading