{"id":13315,"date":"2018-11-26T18:25:53","date_gmt":"2018-11-26T15:25:53","guid":{"rendered":"https:\/\/vasexperts.com\/?p=13315"},"modified":"2025-09-09T15:07:38","modified_gmt":"2025-09-09T12:07:38","slug":"the-botnet-spams-via-routers","status":"publish","type":"post","link":"https:\/\/vasexperts.com\/br\/blog\/security\/the-botnet-spams-via-routers\/","title":{"rendered":"A botnet envia spam por meio de roteadores"},"content":{"rendered":"O 360Netlab observa que esta \u00e9 a atividade mais alta em compara\u00e7\u00e3o com outras botnets estudadas anteriormente.\r\n\r\nA intera\u00e7\u00e3o entre a botnet e a \u201cv\u00edtima\u201d ocorreu em v\u00e1rias etapas (veja a figura abaixo). Primeiro, a porta TCP 5431 foi escaneada. Em seguida, a porta UDP 1900 foi verificada \u2014 uma sequ\u00eancia espec\u00edfica foi enviada a ela, aguardando uma URL vulner\u00e1vel fornecida pelo dispositivo em resposta. Ap\u00f3s receber o link vulner\u00e1vel, mais quatro sess\u00f5es com o dispositivo foram realizadas para determinar o ponto de entrada para a execu\u00e7\u00e3o do c\u00f3digo shell na mem\u00f3ria do dispositivo. Como resultado, o dispositivo foi transformado em um bot que executava as tarefas da botnet prim\u00e1ria.\r\n\r\n<noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/botnet-interaction.jpg\" alt=\"botnet interaction\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13319\" srcset=\"\/wp-content\/uploads\/2018\/11\/botnet-interaction.jpg 798w, \/wp-content\/uploads\/2018\/11\/botnet-interaction-300x230.jpg 300w, \/wp-content\/uploads\/2018\/11\/botnet-interaction-768x588.jpg 768w\" sizes=\"(max-width: 798px) 100vw, 798px\"><\/noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/botnet-interaction.jpg\" alt=\"botnet interaction\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13319 lazyload\" sizes=\"(max-width: 798px) 100vw, 798px\" data-src=\"\/wp-content\/uploads\/2018\/11\/botnet-interaction.jpg\" data-srcset=\"\/wp-content\/uploads\/2018\/11\/botnet-interaction.jpg 798w, \/wp-content\/uploads\/2018\/11\/botnet-interaction-300x230.jpg 300w, \/wp-content\/uploads\/2018\/11\/botnet-interaction-768x588.jpg 768w\">\r\n\r\nOlhando para o futuro, devemos observar que as portas 5431 e 1900 n\u00e3o foram escolhidas aleatoriamente, pois o servi\u00e7o UPnP geralmente \u00e9 executado nessas portas. Isso significa que este servi\u00e7o, habilitado por padr\u00e3o na maioria dos dispositivos, apresenta uma vulnerabilidade. Analisaremos a lista de dispositivos posteriormente.\r\n\r\nPor muito tempo, os especialistas n\u00e3o conseguiram detectar esse problema. O problema se resumia a fazer com que <a href=\"https:\/\/en.wikipedia.org\/wiki\/Honeypot_(computing)\" rel=\"nofollow\">o honeypot<\/a> (um recurso que atua como isca para invasores) imitasse um dispositivo no cen\u00e1rio descrito acima. Foi somente em outubro de 2018, ap\u00f3s um longo processo de configura\u00e7\u00e3o, que conseguiram fazer isso e enganar a botnet. O projeto foi denominado BCMUPnP_Hunter.\r\n\r\nPesquisas posteriores mostraram que a botnet possui as seguintes caracter\u00edsticas:\r\n<ul>\r\n\t<li>O n\u00famero de infec\u00e7\u00f5es \u00e9 muito alto, com aproximadamente 100.000 endere\u00e7os IP de varredura ativos em cada evento.<\/li>\r\n\t<li>O alvo da infec\u00e7\u00e3o s\u00e3o principalmente roteadores com a fun\u00e7\u00e3o BroadCom UPnP habilitada.<\/li>\r\n\t<li>O servidor do invasor envia e-mails por meio dessa botnet, que \u00e9 essencialmente um servidor proxy. Atualmente, as solicita\u00e7\u00f5es para servidores de e-mail conhecidos, como Outlook, Hotmail, Yahoo! Mail, etc., est\u00e3o sendo registradas. Os pesquisadores acreditam que o objetivo dos invasores \u00e9 enviar spam.<\/li>\r\n<\/ul>\r\nA frequ\u00eancia e o n\u00famero de n\u00f3s de varredura podem ser vistos no gr\u00e1fico abaixo.\r\n\r\n<noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/nodes_scanning.png\" alt=\"nodes scanning\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13320\" srcset=\"\/wp-content\/uploads\/2018\/11\/nodes_scanning.png 728w, \/wp-content\/uploads\/2018\/11\/nodes_scanning-300x200.png 300w\" sizes=\"(max-width: 728px) 100vw, 728px\"><\/noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/nodes_scanning.png\" alt=\"nodes scanning\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13320 lazyload\" sizes=\"(max-width: 728px) 100vw, 728px\" data-src=\"\/wp-content\/uploads\/2018\/11\/nodes_scanning.png\" data-srcset=\"\/wp-content\/uploads\/2018\/11\/nodes_scanning.png 728w, \/wp-content\/uploads\/2018\/11\/nodes_scanning-300x200.png 300w\">\r\n\r\nComo pode ser observado, a atividade aumenta a cada 1 a 3 dias e, em alguns casos, chega a 100.000 n\u00f3s. O n\u00famero total de n\u00f3s invasores \u00e9 de cerca de 3,34 milh\u00f5es, mas n\u00e3o se deve descartar que os mesmos dispositivos possam ter endere\u00e7os IP diferentes.\r\n\r\nA localiza\u00e7\u00e3o geogr\u00e1fica dos farejadores \u00e9 mostrada no mapa.\r\n\r\n<noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/sniffers_location.png\" alt=\"sniffers location\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13321\" srcset=\"\/wp-content\/uploads\/2018\/11\/sniffers_location.png 1600w, \/wp-content\/uploads\/2018\/11\/sniffers_location-300x150.png 300w, \/wp-content\/uploads\/2018\/11\/sniffers_location-1024x511.png 1024w, \/wp-content\/uploads\/2018\/11\/sniffers_location-768x384.png 768w, \/wp-content\/uploads\/2018\/11\/sniffers_location-1536x767.png 1536w\" sizes=\"(max-width: 1600px) 100vw, 1600px\"><\/noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/sniffers_location.png\" alt=\"sniffers location\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13321 lazyload\" sizes=\"(max-width: 1600px) 100vw, 1600px\" data-src=\"\/wp-content\/uploads\/2018\/11\/sniffers_location.png\" data-srcset=\"\/wp-content\/uploads\/2018\/11\/sniffers_location.png 1600w, \/wp-content\/uploads\/2018\/11\/sniffers_location-300x150.png 300w, \/wp-content\/uploads\/2018\/11\/sniffers_location-1024x511.png 1024w, \/wp-content\/uploads\/2018\/11\/sniffers_location-768x384.png 768w, \/wp-content\/uploads\/2018\/11\/sniffers_location-1536x767.png 1536w\">\r\n\r\nA \u00cdndia lidera com 147.700 n\u00f3s, seguida pelos EUA e China.\r\n\r\nA lista de dispositivos vulner\u00e1veis \u200b\u200binclui muitas marcas populares, como Cisco, Zyxel, D-Link, Eltex e TP-Link. No total, s\u00e3o cerca de 116 dispositivos, mas pesquisadores observam que esse n\u00famero pode ser maior. A lista completa est\u00e1 dispon\u00edvel abaixo.\r\n\r\nAs consequ\u00eancias s\u00e3o \u00f3bvias: 100% dos endere\u00e7os IP dos provedores s\u00e3o colocados na lista negra de servi\u00e7os antispam.\r\n\r\n\u00c9 interessante notar que uma grande propor\u00e7\u00e3o de dispositivos vulner\u00e1veis \u200b\u200bs\u00e3o roteadores ADSL. Isso provavelmente \u00e9 uma coincid\u00eancia, mas n\u00e3o se deve esquecer que o xDSL ainda \u00e9 usado em muitos pa\u00edses em desenvolvimento com grandes popula\u00e7\u00f5es.\r\n\r\n<a href=\"\/br\/products\/stingray\/\">O Stingray<\/a> oferece prote\u00e7\u00e3o contra ataques DDoS, e a nova vers\u00e3o conta com uma fun\u00e7\u00e3o de <a href=\"\/products\/stingray\/mini-firewall\/\">mini-firewall<\/a>, que descreveremos em detalhes em breve em nosso blog. Para obter informa\u00e7\u00f5es mais detalhadas sobre as vantagens da plataforma, seu uso eficaz em redes de telecomunica\u00e7\u00f5es, bem como a migra\u00e7\u00e3o de outras plataformas e integra\u00e7\u00e3o com outros sistemas, entre em contato com os especialistas da VAS Experts, desenvolvedora e fornecedora do sistema de an\u00e1lise de tr\u00e1fego Stingray Service Gateway.\r\n\r\n[subscription id=\u201d11987\u2033]Assine as atualiza\u00e7\u00f5es do nosso blog para ficar por dentro das \u00faltimas not\u00edcias do setor de telecomunica\u00e7\u00f5es.[\/subscription]\r\n\r\n<span class=\"h3-style\">Complete list of vulnerable devices<\/span>\r\n<em>ADB Broadband S.p.A, \u00a0\u00a0\u00a0HomeStation ADSL Router\u00a0<\/em>\r\n<em>ADB Broadband, \u00a0\u00a0\u00a0ADB ADSL Router\u00a0<\/em>\r\n<em>ADBB, \u00a0\u00a0\u00a0ADB ADSL Router \u00a0<\/em>\r\n<em>ALSiTEC, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>ASB, \u00a0\u00a0\u00a0ADSL Router \u00a0<\/em>\r\n<em>ASB, \u00a0\u00a0\u00a0ChinaNet EPON Router \u00a0<\/em>\r\n<em>ASB, \u00a0\u00a0\u00a0ChinaTelecom E8C(EPON) Gateway \u00a0<\/em>\r\n<em>Actiontec, \u00a0\u00a0\u00a0Actiontec GT784WN \u00a0<\/em>\r\n<em>Actiontec, \u00a0\u00a0\u00a0Verizon ADSL Router \u00a0<\/em>\r\n<em>BEC Technologies Inc., \u00a0\u00a0\u00a0Broadcom ADSL Router\u00a0<\/em>\r\n<em>Best IT World India Pvt. Ltd., \u00a0\u00a0\u00a0150M Wireless-N ADSL2+ Router\u00a0<\/em>\r\n<em>Best IT World India Pvt. Ltd., \u00a0\u00a0\u00a0iB-WRA300N\u00a0<\/em>\r\n<em>Billion Electric Co., Ltd., \u00a0\u00a0\u00a0ADSL2+ Firewall Router\u00a0<\/em>\r\n<em>Billion Electric Co., Ltd., \u00a0\u00a0\u00a0BiPAC 7800NXL\u00a0<\/em>\r\n<em>Billion, \u00a0\u00a0\u00a0BiPAC 7700N\u00a0<\/em>\r\n<em>Billion, \u00a0\u00a0\u00a0BiPAC 7700N R2 \u00a0<\/em>\r\n<em>Binatone Telecommunication, \u00a0\u00a0\u00a0Broadcom LAN Router\u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0ADSL Router\u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0ADSL2+ 11n WiFi CPE \u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0Broadcom\u00a0 Router \u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0D-Link DSL-2640B \u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0D-link ADSL Router \u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0DLink ADSL Router \u00a0<\/em>\r\n<em>ClearAccess, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Comtrend, \u00a0\u00a0\u00a0AR-5383n\u00a0<\/em>\r\n<em>Comtrend, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Comtrend, \u00a0\u00a0\u00a0Comtrend single-chip ADSL router \u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-Link DSL-2640B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-Link DSL-2641B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-Link DSL-2740B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-Link DSL-2750B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-LinkDSL-2640B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-LinkDSL-2641B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-LinkDSL-2741B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0DSL-2640B\u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0ADSL 4*FE 11n Router \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link ADSL Router \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-2640U \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-2730B \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-2730U \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-2750B \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-2750U \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-6751 \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL2750U \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link Router \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-link ADSL Router \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0DVA-G3672B-LTT Networks ADSL Router \u00a0<\/em>\r\n<em>DARE, \u00a0\u00a0\u00a0Dare router \u00a0<\/em>\r\n<em>DLink, \u00a0\u00a0\u00a0D-Link DSL-2730B \u00a0<\/em>\r\n<em>DLink, \u00a0\u00a0\u00a0D-Link VDSL Router \u00a0<\/em>\r\n<em>DLink, \u00a0\u00a0\u00a0DLink ADSL Router \u00a0<\/em>\r\n<em>DQ Technology, Inc., \u00a0\u00a0\u00a0ADSL2+ 11n WiFi CPE\u00a0<\/em>\r\n<em>DQ Technology, Inc., \u00a0\u00a0\u00a0Broadcom ADSL Router\u00a0<\/em>\r\n<em>DSL, \u00a0\u00a0\u00a0ADSL Router \u00a0<\/em>\r\n<em>DareGlobal, \u00a0\u00a0\u00a0D-Link ADSL Router \u00a0<\/em>\r\n<em>Digicom S.p.A., \u00a0\u00a0\u00a0ADSL Wireless Modem\/Router \u00a0<\/em>\r\n<em>Digicom S.p.A., \u00a0\u00a0\u00a0RAW300C-T03\u00a0<\/em>\r\n<em>Dlink, \u00a0\u00a0\u00a0D-Link DSL-225 \u00a0<\/em>\r\n<em>Eltex, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>FiberHome, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>GWD, \u00a0\u00a0\u00a0ChinaTelecom E8C(EPON) Gateway \u00a0<\/em>\r\n<em>Genew, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>INTEX, \u00a0\u00a0\u00a0W150D\u00a0<\/em>\r\n<em>INTEX, \u00a0\u00a0\u00a0W300D\u00a0<\/em>\r\n<em>INTEX, \u00a0\u00a0\u00a0Wireless N 150 ADSL2+ Modem Router \u00a0<\/em>\r\n<em>INTEX, \u00a0\u00a0\u00a0Wireless N 300 ADSL2+ Modem Router \u00a0<\/em>\r\n<em>ITI Ltd., \u00a0\u00a0\u00a0ITI Ltd.ADSL2Plus Modem\/Router \u00a0<\/em>\r\n<em>Inteno, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Intercross, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>IskraTEL, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Kasda, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Link-One, \u00a0\u00a0\u00a0Modem Roteador Wireless N ADSL2+ 150 Mbps \u00a0<\/em>\r\n<em>Linksys, \u00a0\u00a0\u00a0Cisco X1000\u00a0<\/em>\r\n<em>Linksys, \u00a0\u00a0\u00a0Cisco X3500\u00a0<\/em>\r\n<em>NB, \u00a0\u00a0\u00a0DSL-2740B \u00a0<\/em>\r\n<em>NetComm Wireless Limited, \u00a0\u00a0\u00a0NetComm ADSL2+ Wireless Router \u00a0<\/em>\r\n<em>NetComm, \u00a0\u00a0\u00a0NetComm ADSL2+ Wireless Router \u00a0<\/em>\r\n<em>NetComm, \u00a0\u00a0\u00a0NetComm WiFi Data and VoIP Gateway<\/em>\r\n<em>OPTICOM, \u00a0\u00a0\u00a0DSLink 279\u00a0<\/em>\r\n<em>Opticom, \u00a0\u00a0\u00a0DSLink 485\u00a0<\/em>\r\n<em>Orcon, \u00a0\u00a0\u00a0Genius\u00a0<\/em>\r\n<em>QTECH, \u00a0\u00a0\u00a0QTECH\u00a0<\/em>\r\n<em>Raisecom, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Ramptel, \u00a0\u00a0\u00a0300Mbps ADSL Wireless-N Router \u00a0<\/em>\r\n<em>Router, \u00a0\u00a0\u00a0ADSL2+ Router \u00a0<\/em>\r\n<em>SCTY, \u00a0\u00a0\u00a0TYKH PON Router \u00a0<\/em>\r\n<em>Star-Net, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Starbridge Networks, \u00a0\u00a0\u00a0Broadcom ADSL Router\u00a0<\/em>\r\n<em>TP-LINK Technologies Co., Ltd, \u00a0\u00a0\u00a0300Mbps Wireless N ADSL2+ Modem Router \u00a0<\/em>\r\n<em>TP-LINK Technologies Co., Ltd, \u00a0\u00a0\u00a0300Mbps Wireless N USB ADSL2+ Modem Router \u00a0<\/em>\r\n<em>TP-LINK, \u00a0\u00a0\u00a0TP-LINK Wireless ADSL2+ Modem Router \u00a0<\/em>\r\n<em>TP-LINK, \u00a0\u00a0\u00a0TP-LINK Wireless ADSL2+ Router \u00a0<\/em>\r\n<em>Technicolor, \u00a0\u00a0\u00a0CenturyLink TR-064 v4.0 \u00a0<\/em>\r\n<em>Tenda, \u00a0\u00a0\u00a0Tenda ADSL2+ WIFI MODEM \u00a0<\/em>\r\n<em>Tenda, \u00a0\u00a0\u00a0Tenda ADSL2+ WIFI Router \u00a0<\/em>\r\n<em>Tenda, \u00a0\u00a0\u00a0Tenda Gateway \u00a0<\/em>\r\n<em>Tenda\/Imex, \u00a0\u00a0\u00a0ADSL2+ WIFI-MODEM WITH 3G\/4G USB PORT \u00a0<\/em>\r\n<em>Tenda\/Imex, \u00a0\u00a0\u00a0ADSL2+ WIFI-MODEM WITH EVO SUPPORT \u00a0<\/em>\r\n<em>UTStarcom Inc., \u00a0\u00a0\u00a0UTStarcom ADSL2+ Modem Router \u00a0<\/em>\r\n<em>UTStarcom Inc., \u00a0\u00a0\u00a0UTStarcom ADSL2+ Modem\/Wireless Router \u00a0<\/em>\r\n<em>UniqueNet Solutions, \u00a0\u00a0\u00a0WLAN N300 ADSL2+ Modem Router \u00a0<\/em>\r\n<em>ZTE, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>ZTE, \u00a0\u00a0\u00a0ONU Router \u00a0<\/em>\r\n<em>ZYXEL, \u00a0\u00a0\u00a0ZyXEL VDSL Router \u00a0<\/em>\r\n<em>Zhone, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Zhone, \u00a0\u00a0\u00a0Zhone Wireless Gateway \u00a0<\/em>\r\n<em>Zoom, \u00a0\u00a0\u00a0Zoom Adsl Modem\/Router \u00a0<\/em>\r\n<em>ZyXEL, \u00a0\u00a0\u00a0CenturyLink UPnP v1.0 \u00a0<\/em>\r\n<em>ZyXEL, \u00a0\u00a0\u00a0P-660HN-51 \u00a0<\/em>\r\n<em>ZyXEL, \u00a0\u00a0\u00a0ZyXEL xDSL Router \u00a0<\/em>\r\n<em>huaqin, \u00a0\u00a0\u00a0HGU210 v3 Router \u00a0<\/em>\r\n<em>iBall Baton, \u00a0\u00a0\u00a0iBall Baton 150M Wireless-N ADSL2+ Router \u00a0<\/em>\r\n<em>iiNet Limited, \u00a0\u00a0\u00a0BudiiLite\u00a0<\/em>\r\n<em>iiNet, \u00a0\u00a0\u00a0BoB2\u00a0<\/em>\r\n<em>iiNet, \u00a0\u00a0\u00a0BoBLite\u00a0<\/em>","protected":false},"excerpt":{"rendered":"<p>Desde setembro de 2018, o 360Netlab Scanmon detectou v\u00e1rios picos na atividade de varredura na porta TCP 5431. As leituras eram registradas sempre que o n\u00famero de conex\u00f5es (tentativas de varredura) ultrapassava 100.000.<\/p>\n","protected":false},"author":7,"featured_media":13317,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[110,48],"tags":[],"class_list":["post-13315","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-telecom"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>(English) VASExperts<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/\",\"url\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/\",\"name\":\"[:en]Botnet spams through routers: network protection from DDoS attacks[:es]Spam de botnets a trav\u00e9s de routers: protecci\u00f3n de la red contra ataques DDoS[:fr]Botnets spamm\u00e9s via les routeurs\u00a0: protection du r\u00e9seau contre les attaques DDoS[:br]Spams de botnets atrav\u00e9s de roteadores: prote\u00e7\u00e3o de rede contra ataques DDoS\",\"isPartOf\":{\"@id\":\"https:\/\/vasexperts.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage\"},\"thumbnailUrl\":\"\/wp-content\/uploads\/2025\/09\/bot_router.jpg\",\"datePublished\":\"2018-11-26T15:25:53+00:00\",\"dateModified\":\"2025-09-09T12:07:38+00:00\",\"author\":{\"@id\":\"https:\/\/vasexperts.com\/#\/schema\/person\/f4edcaef26fe49b6b59baf8ac5b62170\"},\"description\":\"[:en]The interaction between a botnet and a \u201cvictim\u201d resulting in the device becoming a bot that performs the tasks of the primary botnet.[:es]La interacci\u00f3n entre una red de bots y una \u00abv\u00edctima\u00bb que da como resultado que el dispositivo se convierta en un bot que realiza las tareas de la red de bots principal.[:fr]Interaction entre un botnet et une \u00ab\u00a0victime\u00a0\u00bb\u00a0: l'appareil devient un bot ex\u00e9cutant les t\u00e2ches du botnet principal.[:br]A intera\u00e7\u00e3o entre uma botnet e uma \\\"v\u00edtima\\\", resultando na transforma\u00e7\u00e3o do dispositivo em um bot que executa as tarefas da botnet prim\u00e1ria.\",\"breadcrumb\":{\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#breadcrumb\"},\"inLanguage\":\"br-PT\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"br-PT\",\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage\",\"url\":\"\/wp-content\/uploads\/2025\/09\/bot_router.jpg\",\"contentUrl\":\"\/wp-content\/uploads\/2025\/09\/bot_router.jpg\",\"width\":1278,\"height\":852,\"caption\":\"botnet router\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u0413\u043b\u0430\u0432\u043d\u0430\u044f \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430\",\"item\":\"https:\/\/vasexperts.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The botnet spams via routers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/vasexperts.com\/#website\",\"url\":\"https:\/\/vasexperts.com\/\",\"name\":\"ITGLOBAL.COM\",\"description\":\"(English) VASExperts\",\"inLanguage\":\"br-PT\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/vasexperts.com\/#\/schema\/person\/f4edcaef26fe49b6b59baf8ac5b62170\",\"name\":\"Elena Rudich\",\"url\":\"https:\/\/vasexperts.com\/br\/blog\/author\/elena-rudich\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"(English) VASExperts","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/","url":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/","name":"[:en]Botnet spams through routers: network protection from DDoS attacks[:es]Spam de botnets a trav\u00e9s de routers: protecci\u00f3n de la red contra ataques DDoS[:fr]Botnets spamm\u00e9s via les routeurs\u00a0: protection du r\u00e9seau contre les attaques DDoS[:br]Spams de botnets atrav\u00e9s de roteadores: prote\u00e7\u00e3o de rede contra ataques DDoS","isPartOf":{"@id":"https:\/\/vasexperts.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage"},"image":{"@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage"},"thumbnailUrl":"\/wp-content\/uploads\/2025\/09\/bot_router.jpg","datePublished":"2018-11-26T15:25:53+00:00","dateModified":"2025-09-09T12:07:38+00:00","author":{"@id":"https:\/\/vasexperts.com\/#\/schema\/person\/f4edcaef26fe49b6b59baf8ac5b62170"},"description":"[:en]The interaction between a botnet and a \u201cvictim\u201d resulting in the device becoming a bot that performs the tasks of the primary botnet.[:es]La interacci\u00f3n entre una red de bots y una \u00abv\u00edctima\u00bb que da como resultado que el dispositivo se convierta en un bot que realiza las tareas de la red de bots principal.[:fr]Interaction entre un botnet et une \u00ab\u00a0victime\u00a0\u00bb\u00a0: l'appareil devient un bot ex\u00e9cutant les t\u00e2ches du botnet principal.[:br]A intera\u00e7\u00e3o entre uma botnet e uma \"v\u00edtima\", resultando na transforma\u00e7\u00e3o do dispositivo em um bot que executa as tarefas da botnet prim\u00e1ria.","breadcrumb":{"@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#breadcrumb"},"inLanguage":"br-PT","potentialAction":[{"@type":"ReadAction","target":["https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/"]}]},{"@type":"ImageObject","inLanguage":"br-PT","@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage","url":"\/wp-content\/uploads\/2025\/09\/bot_router.jpg","contentUrl":"\/wp-content\/uploads\/2025\/09\/bot_router.jpg","width":1278,"height":852,"caption":"botnet router"},{"@type":"BreadcrumbList","@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u0413\u043b\u0430\u0432\u043d\u0430\u044f \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430","item":"https:\/\/vasexperts.com\/"},{"@type":"ListItem","position":2,"name":"The botnet spams via routers"}]},{"@type":"WebSite","@id":"https:\/\/vasexperts.com\/#website","url":"https:\/\/vasexperts.com\/","name":"ITGLOBAL.COM","description":"(English) VASExperts","inLanguage":"br-PT"},{"@type":"Person","@id":"https:\/\/vasexperts.com\/#\/schema\/person\/f4edcaef26fe49b6b59baf8ac5b62170","name":"Elena Rudich","url":"https:\/\/vasexperts.com\/br\/blog\/author\/elena-rudich\/"}]}},"_links":{"self":[{"href":"https:\/\/vasexperts.com\/br\/wp-json\/wp\/v2\/posts\/13315"}],"collection":[{"href":"https:\/\/vasexperts.com\/br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vasexperts.com\/br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vasexperts.com\/br\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/vasexperts.com\/br\/wp-json\/wp\/v2\/comments?post=13315"}],"version-history":[{"count":6,"href":"https:\/\/vasexperts.com\/br\/wp-json\/wp\/v2\/posts\/13315\/revisions"}],"predecessor-version":[{"id":13328,"href":"https:\/\/vasexperts.com\/br\/wp-json\/wp\/v2\/posts\/13315\/revisions\/13328"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/vasexperts.com\/br\/wp-json\/wp\/v2\/media\/13317"}],"wp:attachment":[{"href":"https:\/\/vasexperts.com\/br\/wp-json\/wp\/v2\/media?parent=13315"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vasexperts.com\/br\/wp-json\/wp\/v2\/categories?post=13315"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vasexperts.com\/br\/wp-json\/wp\/v2\/tags?post=13315"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}