Cyber criminals are leveraging the Universal Plug and Play (UPnP) protocol found in all routers for various criminal activities. The latest report from Akamai* reveals that about 65,000 devices have already been compromised through the UPnProxy which can be used to redirect traffic to another IP address and the flaw can also be used to create a network of proxies that redirect traffic through tens or hundreds of IPs before reaching a final destination. Ashley Stephenson, CEO at Corero Network Security commented below.
Ashley Stephenson, CEO at Corero Network Security:
“Millions of vulnerable systems exposing the uPnP service to the Internet have been leveraged as a common DDoS amplification vector for years using the SSDP protocol. The recent finding by Akamai that a subset of these vulnerable systems, specifically home routers, are also being hacked to provide malicious proxy services is not surprising. This new finding is likely to result in the operator of the vulnerable home router being leveraged as part of a hack in addition to being a potential participant in a DDoS attack. Yet another example of the challenges involved in securing your Internet access”