Catalin Cimpanu reports:
A new botnet made up of roughly 100,000 home routers has silently grown over the past two months. According to current evidence, the botnet’s operators appear to use the infected routers to connect to webmail services and are most likely sending out massive email spam campaigns.
First spotted this September by the Netlab team at Qihoo 360, the botnet has been exploiting a well-known five-year-old vulnerability to spread.
The vulnerability was discovered in 2013 by security researchers from DefenseCode and resides in the Broadcom UPnP SDK, a piece of software that was embedded in thousands of router models from multiple vendors.
Read more on ZDNet.