UPnP has been a security risk for years, but now it’s WORSE! — Psinergy LLC

UPnP has been a security risk for years, but now it’s WORSE!

UPnP (Universal Plug and Play) is intended to allow devices inside your local network to open needed ports in your modem/router. This was already an issue as viruses/malware could make a request to have the ports opened and allow malicious communication to go through unfettered. It isn’t supposed to accept instructions from outside the network (the WAN side), but a vulnerability that has been known since at least 2013 has been used to expand the exploit.

A new attack has emerged that is specifically designed to open your network to attack and to get into connected devices. EternalSilence, as it has been dubbed, not only compromises your router, but also opens ports on your device (computer, cell phones, smart devices, etc), and this attack appears to be related to the leaked NSA exploits EternalBlue and EternalRed. This is a pretty nasty exploit, to be honest.


How to tell if you’ve been compromised

It can be difficult to tell if you have been compromised by this specific exploit. One way that may indicate that you’ve been compromised is if you go into your router and you notice some “odd” ports that are open in UPnP, though even if you are compromised, this isn’t a true fire way of telling (because the ports are often released quickly after they are no longer used). The best thing to do for this is to honestly just do the fix below, whether you have been compromised or not.


How to Fix

  1. If you’ve been compromised, you need to do a factory reset of your router and disable UPnP completely.
    • You also need to scan all of your devices to make sure they haven’t been infected through this vulnerability.
  2. To help make sure you aren’t vulnerable for this exploit, make sure your router firmware is up-to-date, or purchase new up-to-date hardware.
    • and Make sure to turn OFF UPnP!
  3. If you’re not sure how to do this, we can help. Give us a call us at 612-234-7237. We will check the router to ensure UPnP is turned off (or turn it off if it’s not) remotely, in most cases, as a “Quick Fix“, or the “In-depth Remote Help” we will also apply needed router firmware updates (if none are needed, it would only be a Quick Fix). The scanning of your devices would not be part of the quick fix or the in-depth remote help service. In some cases, we may actually need you to bring in the device or schedule an onsite service, and we may recommend certain security appliances if that’s of a concern for your unique setup.


To read more in-depth about this attack, go to the Ars Technica article here.



The post UPnP has been a security risk for years, but now it’s WORSE! appeared first on Psinergy Tech.

You Might Also Liked

Firefox Vulnerability – known about for 17 years 1903 is here, what have we seen? VLC Media Player Security Flaw! Change your Facebook password now! Severe RCE Flaw Disclosed in Popular LibreOffice and OpenOffice Software — The Hacker News Caribou Coffee Stores Hacked for months… but what about your business? Microsoft Issues Emergency Patch for Windows 7 – 10, including Server OS Avast had a glitch! – “DNS server isn’t responding”

Upcoming Events

all-day Conjunction of Venus and Jupiter
Conjunction of Venus and Jupiter
Nov 24 all-day
A conjunction of Venus and Jupiter will be visible on November 24. The two bright planets will be visible within 1.4 degrees of each other in the evening sky. Look for this impressive sight in the western sky just after sunset.Click to print (Opens in new window)Click to share on[...]
all-day 2020 Astro Calendar Updates Comi...
2020 Astro Calendar Updates Comi...
Dec 12 all-day
Hello, and HAPPY NEW YEAR! Canton (canton@gmail.com) will be adding additional 2019 calendar events (meteor showers, etc.) during the last week of 2018. Feel free to email him any suggestions. If you added this ICS calendar feed as a “subscription” instead of a one-time import, then new events should automatically[...]
all-day Geminids “King” Meteor Shower
Geminids “King” Meteor Shower
Dec 13 all-day
The Geminids is the king of the meteor showers. It is considered by many to be the best shower in the heavens, producing up to 120 multicolored meteors per hour at its peak. It is produced by debris left behind by an asteroid known as 3200 Phaethon, which was discovered[...]
all-day Ursids Meteor Shower
Ursids Meteor Shower
Dec 21 all-day
The Ursids is a minor meteor shower producing about 5-10 meteors per hour. It is produced by dust grains left behind by comet Tuttle, which was first discovered in 1790. The shower runs annually from December 17-25. It peaks this year on the the night of the 21st and morning[...]
10:19 pm Winter Solstice
Winter Solstice
Dec 21 @ 10:19 pm – 11:19 pm
This marks the beginning of winter (in the northern hemisphere) and the beginning of summer (in the southern hemisphere.) The winter solstice is the shortest day of the year, respectively, in the sense that the length of time elapsed between sunrise and sunset on this day is a minimum for[...]