By Kari Paul, MarketWatch
You may be sending spam emails without realizing it — and there’s only one way to stop it.
Hundreds of thousands of devices have been harnessed to send out massive amounts of spam emails, a report from Beijing-based security research firm 360Netlab found.
The attack is exploiting a security vulnerability initially found in 2013 in the Universal Plug and Play (UPnP) feature, which allows devices on the same network to discover each other more seamlessly.
The hackers are using malware to infect computers and turn them into “bots,” or robots that are part of a “botnet army,” the researchers concluded.
“This can generate real economic benefits,” they wrote. Evidence points to the proxy communicating with mail servers such as Outlook and Hotmail, among others, the report said. So far, between 100,000 and 300,000 devices are infected and that number could grow, researchers say.
“Attackers can use this command to build a proxy network, and then profit from doing things such as sending spam, simulating clicks, and so on.”
Microsoft told MarketWatch it has a protocol for protecting computers against malware but advises customers to be cautious.
“Customers can help protect themselves by keeping their software up to date,” the spokeswoman said. “We encourage customers to practice good computing habits online, including exercising caution when clicking on links to web pages, opening unknown files, or accepting file transfers.”
Companies whose routers are potentially at risk include Swiss broadband company ADB, California tech supplier Broadcom, Taiwanese manufacturing company D-Link, Linksys/Cisco, NetComm Wireless, UTStarcom and ZyXEL. (These companies did not respond to requests for comment.)
People with routers from these companies should change their passwords and reset their routers to allow them to update, experts say. Others should consider resetting router passwords periodically anyway just to be safe.
The 360Netlab report comes after the Federal Bureau of Investigation said in May 2018 that anyone with a router should reboot it. The bureau was attempting to stop the spread of malware after a virus infected hundreds of thousands of devices across 54 countries.
In that case, Russian hackers were using the malware to access computers around the globe. While there was no evidence that the early 2018 hack was being used for nefarious purposes, the FBI said once these parties have access to your router, they can use it for a number of schemes.
This includes massive distributed denial of service (DDoS) attacks — in which hackers flood a recipient with web traffic to slow or shut it down.
Compromising a router can also be used to gain access to your home. Once someone accesses the home network, they can also access your smart lights, smart refrigerator, and smart doorbell (and camera) if they’re all on the same network.