by Robert Klatt • Nov 14, 2018 7:57 amThe infected routers are used to send spam.Netlab has published a list of the affected routers and protection options.The sometimes blatant security gaps and the poor supply of updates have been causing new, rapidly growing botnets for a long time.The recently discovered 'BCMUPnP_Hunter' botnet exploits a UPnP vulnerability that, although discovered and reported five years ago, still exists in numerous routers today.The botnet now includes around 100,000 routers, most of which are used by home users and small offices.The 2013 security report titled "Broadcom UPnP Remote Preauth Root Code Execution" states that the vulnerability was found in routers from Zyxel, Asus, Broadcom, TP-Link, US Robotics, Cisco, D-Link and Netgear.A flaw in the use of Universal Plug and Play (UPnP) protocol in the chipset of routers manufactured by Broadcom is exploited.The security company Netlab has now discovered 116 router models that have been infected by the botnet.Since these are almost all models that are now very outdated, it cannot be expected that the manufacturers will still provide security updates for the vulnerability.As soon as the botnet has infected a new router, the people behind it use it to send emails.To do this, the router connects to various free mail providers such as Yahoo!Mail, Hotmail and Outlook, from which spam is then sent via a large number of accounts.Netlab has since published a list of all routers found to be infected by the botnet.However, it is likely that other routers are also affected by the vulnerability.Owners of the following routers should check if there is a security update from the manufacturer.Alternatively, UPnP can also be disabled to prevent infection by the botnet.