UPnP has been a security risk for years, but now it’s WORSE! — Psinergy LLC
X
Menu

UPnP has been a security risk for years, but now it’s WORSE!

UPnP (Universal Plug and Play) is intended to allow devices inside your local network to open needed ports in your modem/router. This was already an issue as viruses/malware could make a request to have the ports opened and allow malicious communication to go through unfettered. It isn’t supposed to accept instructions from outside the network (the WAN side), but a vulnerability that has been known since at least 2013 has been used to expand the exploit.

A new attack has emerged that is specifically designed to open your network to attack and to get into connected devices. EternalSilence, as it has been dubbed, not only compromises your router, but also opens ports on your device (computer, cell phones, smart devices, etc), and this attack appears to be related to the leaked NSA exploits EternalBlue and EternalRed. This is a pretty nasty exploit, to be honest.

 

How to tell if you’ve been compromised

It can be difficult to tell if you have been compromised by this specific exploit. One way that may indicate that you’ve been compromised is if you go into your router and you notice some “odd” ports that are open in UPnP, though even if you are compromised, this isn’t a true fire way of telling (because the ports are often released quickly after they are no longer used). The best thing to do for this is to honestly just do the fix below, whether you have been compromised or not.

 

How to Fix

  1. If you’ve been compromised, you need to do a factory reset of your router and disable UPnP completely.
    • You also need to scan all of your devices to make sure they haven’t been infected through this vulnerability.
  2. To help make sure you aren’t vulnerable for this exploit, make sure your router firmware is up-to-date, or purchase new up-to-date hardware.
    • and Make sure to turn OFF UPnP!
  3. If you’re not sure how to do this, we can help. Give us a call us at 612-234-7237. We will check the router to ensure UPnP is turned off (or turn it off if it’s not) remotely, in most cases, as a “Quick Fix“, or the “In-depth Remote Help” we will also apply needed router firmware updates (if none are needed, it would only be a Quick Fix). The scanning of your devices would not be part of the quick fix or the in-depth remote help service. In some cases, we may actually need you to bring in the device or schedule an onsite service, and we may recommend certain security appliances if that’s of a concern for your unique setup.

 


To read more in-depth about this attack, go to the Ars Technica article here.

 


 

The post UPnP has been a security risk for years, but now it’s WORSE! appeared first on Psinergy Tech.

You Might Also Liked

Avast had a glitch! – “DNS server isn’t responding” Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer — The Hacker News Tips for Success with Build 1803 Security Vulnerabilities: Is it time for a new computer? You thought Con-Artist Spam calls were bad enough — Now there are Con-Artist Spam Texts… Keeping your Computer Healthy during the Holidays New Airborn Virus on Multiple Computer Platforms How to tell if you have a Computer Virus

Upcoming Events

Dec
12
Wed
all-day 2019 Astro Calendar Updates Comi...
2019 Astro Calendar Updates Comi...
Dec 12 all-day
Hello, and HAPPY NEW YEAR! Canton (canton@gmail.com) will be adding additional 2019 calendar events (meteor showers, etc.) during the last week of 2018. Feel free to email him any suggestions. If you added this ICS calendar feed as a “subscription” instead of a one-time import, then new events should automatically[...]
Dec
13
Thu
all-day Geminids “King” Meteor Shower
Geminids “King” Meteor Shower
Dec 13 all-day
Planning on staying up late (or waking up early) for this one. The Geminids is the “king” of the meteor showers. It is considered by many to be the best shower in the heavens, producing up to 120 multicolored meteors per hour at its peak. It is produced by debris[...]
Dec
21
Fri
all-day Ursids Meteor Shower
Ursids Meteor Shower
Dec 21 all-day
The Ursids is a minor meteor shower producing about 5-10 meteors per hour. It is produced by dust grains left behind by comet Tuttle, which was first discovered in 1790. The shower runs annually from December 17-25. It peaks this year on the the night of the 21st and morning[...]
4:23 pm Winter Solstice
Winter Solstice
Dec 21 @ 4:23 pm – 5:23 pm
The winter solstice is the shortest day of the year, respectively, in the sense that the length of time elapsed between sunrise and sunset on this day is a minimum for the year. Of course, daylight saving time means that the first Sunday in April has 23 hours and the[...]