Home routers are affected by major UPnProxy security issues

By: Costea Lestoc
2 minute read

According to Akamai latest report, it looks like bad actors are abusing more than 65,000 routers to create proxy networks for secret or even illegal activities. Akamai is an American content delivery network and cloud service provider. The Universal Plus and Play protocol is abused by botnet operators and cyber-espionage groups. UPnP comes with all modern routers to, and the bad actors’ target is to proxy bad traffic and hide real location.

UPnP is targeted these days

The UPnP protocol is abused by attackers, and this is an essential feature because it makes it easier to interconnect local devices with Wi-Fi and forward ports and services to the web. The protocol is vital for modern routers, but its insecurity was proven more than ten years ago. Attackers have been abusing it ever since, and now it looks that there’s a brand new way in which they are doing this. Bad actors have discovered that particular routers expose the protocol’s services that are meant only for inter-device discovery.

The flaw’s codename is UPnProxy

Attackers have been abusing these routers to inject malware into their Network Address Translation tables. The flaw allows attackers to use routers with misconfigured UPnP services as proxy services for their own secret and illegal operations. The weakness is significant because cybercriminals can login into routers that expose their backend on the web.

Hackers can exploit it to bypass firewalls and access IP addresses to bounce traffic to other IP addresses. This can be used to mask the real locations of phishing pages, spam campaigns, advertising click fraud and more similar “goodies.”


In case you want to be secure while surfing the internet, you will need to get a full-dedicated tool to secure your network.  Install now Cyberghost VPN and secure yourself. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access.


Akamai’s findings and solutions

The number or vulnerable routers that Akamai detected is around 4.8 million and experts have discovered active NAT injections on more than 65,000 devices. Akamai also created a list of 400 router models made by 73 vendors that are currently vulnerable. Users are advised to replace their routers with models that don’t have the vulnerability. Akamai also released a Bash script that has the ability to identify vulnerable routers.

RELATED STORIES TO CHECK OUT:

Next up

2018 List: Best free Android emulators for Windows 10/8.1/7

By: Ivan Jenic
7 minute read

What Android emulator is the best for my Windows PC? Bluestacks MeMu Nox Remix OS Player Droid4X AMIDuOS Windroy Genymotion Xamarin Android Player Andy We’re […]

Continue Reading

New Windows 10 security flaw gives system privileges to hackers

By: Daniel Segun
2 minute read

Recently, a security researcher @SandboxEscaper disclosed in a tweet which has been deleted (the account also has been removed), that the task scheduler is vulnerable […]

Continue Reading

Microsoft devices could support Ultrafast wireless charging in the future

By: Daniel Segun
2 minute read

Microsoft may be developing a new wireless charging system called “Ultrafast’” for its devices, if a newly discovered patent gets approved for mass production. This […]

Continue Reading

Discussions