{"id":13315,"date":"2018-11-26T18:25:53","date_gmt":"2018-11-26T15:25:53","guid":{"rendered":"https:\/\/vasexperts.com\/?p=13315"},"modified":"2025-09-09T15:07:38","modified_gmt":"2025-09-09T12:07:38","slug":"the-botnet-spams-via-routers","status":"publish","type":"post","link":"https:\/\/vasexperts.com\/fr\/blog\/security\/the-botnet-spams-via-routers\/","title":{"rendered":"Le botnet envoie des spams via des routeurs."},"content":{"rendered":"360Netlab note qu\u2019il s\u2019agit de l\u2019activit\u00e9 la plus \u00e9lev\u00e9e par rapport aux autres botnets \u00e9tudi\u00e9s pr\u00e9c\u00e9demment.\r\n\r\nL\u2019interaction entre le botnet et la \u00ab victime \u00bb s\u2019est d\u00e9roul\u00e9e en plusieurs \u00e9tapes (voir figure ci-dessous). Tout d\u2019abord, le port TCP 5431 a \u00e9t\u00e9 scann\u00e9. Ensuite, le port UDP 1900 a \u00e9t\u00e9 v\u00e9rifi\u00e9 : une s\u00e9quence sp\u00e9cifique lui a \u00e9t\u00e9 envoy\u00e9e, dans l\u2019attente d\u2019une URL vuln\u00e9rable fournie par l\u2019appareil en r\u00e9ponse. Apr\u00e8s avoir re\u00e7u le lien vuln\u00e9rable, quatre autres sessions avec l\u2019appareil ont eu lieu afin de d\u00e9terminer le point d\u2019entr\u00e9e pour ex\u00e9cuter le code shell dans la m\u00e9moire de l\u2019appareil. En cons\u00e9quence, l\u2019appareil a \u00e9t\u00e9 transform\u00e9 en un bot qui effectuait les t\u00e2ches du botnet principal.\r\n\r\n<noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/botnet-interaction.jpg\" alt=\"botnet interaction\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13319\" srcset=\"\/wp-content\/uploads\/2018\/11\/botnet-interaction.jpg 798w, \/wp-content\/uploads\/2018\/11\/botnet-interaction-300x230.jpg 300w, \/wp-content\/uploads\/2018\/11\/botnet-interaction-768x588.jpg 768w\" sizes=\"(max-width: 798px) 100vw, 798px\"><\/noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/botnet-interaction.jpg\" alt=\"botnet interaction\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13319 lazyload\" sizes=\"(max-width: 798px) 100vw, 798px\" data-src=\"\/wp-content\/uploads\/2018\/11\/botnet-interaction.jpg\" data-srcset=\"\/wp-content\/uploads\/2018\/11\/botnet-interaction.jpg 798w, \/wp-content\/uploads\/2018\/11\/botnet-interaction-300x230.jpg 300w, \/wp-content\/uploads\/2018\/11\/botnet-interaction-768x588.jpg 768w\">\r\n\r\nPour l\u2019avenir, il convient de noter que les ports 5431 et 1900 n\u2019ont pas \u00e9t\u00e9 choisis au hasard, car le service UPnP fonctionne g\u00e9n\u00e9ralement sur ces ports. Cela signifie que ce service, qui est activ\u00e9 par d\u00e9faut sur la plupart des appareils, pr\u00e9sente une vuln\u00e9rabilit\u00e9. Nous examinerons la liste des appareils plus tard.\r\n\r\nPendant longtemps, les experts n\u2019ont pas \u00e9t\u00e9 en mesure de d\u00e9tecter ce probl\u00e8me. Le probl\u00e8me consistait \u00e0 faire en sorte que <a href=\"https:\/\/en.wikipedia.org\/wiki\/Honeypot_(computing)\" rel=\"nofollow\">le honeypot<\/a> (une ressource qui sert d\u2019app\u00e2t pour les attaquants) imite un appareil dans le sc\u00e9nario d\u00e9crit ci-dessus. Ce n\u2019est qu\u2019en octobre 2018, apr\u00e8s un long processus de configuration, qu\u2019ils ont r\u00e9ussi \u00e0 le faire et \u00e0 tromper le botnet. Le projet a \u00e9t\u00e9 baptis\u00e9 BCMUPnP_Hunter.\r\n\r\nDes recherches plus approfondies ont montr\u00e9 que le botnet pr\u00e9sente les caract\u00e9ristiques suivantes :\r\n<ul>\r\n\t<li>Le nombre d\u2019infections est tr\u00e8s \u00e9lev\u00e9, avec environ 100 000 adresses IP actives en cours d\u2019analyse \u00e0 chaque \u00e9v\u00e9nement.<\/li>\r\n\t<li>La cible de l\u2019infection est principalement les \u00e9quipements routeurs sur lesquels la fonction BroadCom UPnP est activ\u00e9e.<\/li>\r\n\t<li>Le serveur de l\u2019attaquant envoie des e-mails via ce botnet, qui est essentiellement un serveur proxy. Actuellement, les requ\u00eates adress\u00e9es \u00e0 des serveurs de messagerie connus tels que Outlook, Hotmail, Yahoo! Mail, etc. sont enregistr\u00e9es. Les chercheurs pensent que l\u2019objectif des attaquants est d\u2019envoyer des spams.<\/li>\r\n<\/ul>\r\nLa fr\u00e9quence et le nombre de n\u0153uds de scan sont indiqu\u00e9s dans le graphique ci-dessous.\r\n\r\n<noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/nodes_scanning.png\" alt=\"nodes scanning\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13320\" srcset=\"\/wp-content\/uploads\/2018\/11\/nodes_scanning.png 728w, \/wp-content\/uploads\/2018\/11\/nodes_scanning-300x200.png 300w\" sizes=\"(max-width: 728px) 100vw, 728px\"><\/noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/nodes_scanning.png\" alt=\"nodes scanning\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13320 lazyload\" sizes=\"(max-width: 728px) 100vw, 728px\" data-src=\"\/wp-content\/uploads\/2018\/11\/nodes_scanning.png\" data-srcset=\"\/wp-content\/uploads\/2018\/11\/nodes_scanning.png 728w, \/wp-content\/uploads\/2018\/11\/nodes_scanning-300x200.png 300w\">\r\n\r\nComme on peut le constater, l\u2019activit\u00e9 augmente tous les 1 \u00e0 3 jours et atteint parfois 100\u00a0000 n\u0153uds. Le nombre total de n\u0153uds attaquants est d\u2019environ 3,34 millions, mais il n\u2019est pas exclu que les m\u00eames appareils puissent avoir des adresses IP diff\u00e9rentes.\r\n\r\nLa localisation g\u00e9ographique des renifleurs est indiqu\u00e9e sur la carte.\r\n\r\n<noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/sniffers_location.png\" alt=\"sniffers location\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13321\" srcset=\"\/wp-content\/uploads\/2018\/11\/sniffers_location.png 1600w, \/wp-content\/uploads\/2018\/11\/sniffers_location-300x150.png 300w, \/wp-content\/uploads\/2018\/11\/sniffers_location-1024x511.png 1024w, \/wp-content\/uploads\/2018\/11\/sniffers_location-768x384.png 768w, \/wp-content\/uploads\/2018\/11\/sniffers_location-1536x767.png 1536w\" sizes=\"(max-width: 1600px) 100vw, 1600px\"><\/noscript><img decoding=\"async\" src=\"\/wp-content\/uploads\/2018\/11\/sniffers_location.png\" alt=\"sniffers location\" width=\"100%\" height=\"auto\" class=\"alignnone size-full wp-image-13321 lazyload\" sizes=\"(max-width: 1600px) 100vw, 1600px\" data-src=\"\/wp-content\/uploads\/2018\/11\/sniffers_location.png\" data-srcset=\"\/wp-content\/uploads\/2018\/11\/sniffers_location.png 1600w, \/wp-content\/uploads\/2018\/11\/sniffers_location-300x150.png 300w, \/wp-content\/uploads\/2018\/11\/sniffers_location-1024x511.png 1024w, \/wp-content\/uploads\/2018\/11\/sniffers_location-768x384.png 768w, \/wp-content\/uploads\/2018\/11\/sniffers_location-1536x767.png 1536w\">\r\n\r\nL\u2019Inde arrive en t\u00eate avec 147\u00a0700 n\u0153uds, suivie des \u00c9tats-Unis et de la Chine.\r\n\r\nLa liste des appareils vuln\u00e9rables comprend de nombreuses marques populaires telles que Cisco, Zyxel, D-Link, Eltex et TP-Link. Au total, on compte environ 116 appareils, mais les chercheurs soulignent que ce nombre pourrait \u00eatre plus \u00e9lev\u00e9. La liste compl\u00e8te est fournie ci-dessous.\r\n\r\nLes cons\u00e9quences sont \u00e9videntes\u00a0: 100\u00a0% des adresses IP des fournisseurs sont sur liste noire des services antispam.\r\n\r\nIl est int\u00e9ressant de noter qu\u2019une grande partie des appareils vuln\u00e9rables sont des routeurs ADSL. C\u2019est probablement une co\u00efncidence, mais il ne faut pas oublier que le xDSL est encore utilis\u00e9 dans de nombreux pays en d\u00e9veloppement tr\u00e8s peupl\u00e9s.\r\n\r\n<a href=\"\/fr\/products\/stingray\/\">Stingray<\/a> offre une protection contre les attaques DDoS et la nouvelle version int\u00e8gre une fonction <a href=\"\/products\/stingray\/mini-firewall\/\">mini-Firewallmini-pare-feu<\/a>, que nous d\u00e9taillerons prochainement dans notre blog. Pour plus d\u2019informations sur les avantages de la plateforme, son utilisation efficace dans les r\u00e9seaux de t\u00e9l\u00e9communications, ainsi que sur la migration depuis d\u2019autres plateformes et l\u2019int\u00e9gration avec d\u2019autres syst\u00e8mes, veuillez contacter les sp\u00e9cialistes de VAS Experts, d\u00e9veloppeur et fournisseur du syst\u00e8me d\u2019analyse de trafic Stingray Service Gateway.\r\n\r\n[subscription id=\u00a0\u00bb11987\u2033]Abonnez-vous \u00e0 notre blog pour rester inform\u00e9 des derni\u00e8res actualit\u00e9s du secteur des t\u00e9l\u00e9communications.[\/subscription]\r\n\r\n<span class=\"h3-style\">Complete list of vulnerable devices<\/span>\r\n<em>ADB Broadband S.p.A, \u00a0\u00a0\u00a0HomeStation ADSL Router\u00a0<\/em>\r\n<em>ADB Broadband, \u00a0\u00a0\u00a0ADB ADSL Router\u00a0<\/em>\r\n<em>ADBB, \u00a0\u00a0\u00a0ADB ADSL Router \u00a0<\/em>\r\n<em>ALSiTEC, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>ASB, \u00a0\u00a0\u00a0ADSL Router \u00a0<\/em>\r\n<em>ASB, \u00a0\u00a0\u00a0ChinaNet EPON Router \u00a0<\/em>\r\n<em>ASB, \u00a0\u00a0\u00a0ChinaTelecom E8C(EPON) Gateway \u00a0<\/em>\r\n<em>Actiontec, \u00a0\u00a0\u00a0Actiontec GT784WN \u00a0<\/em>\r\n<em>Actiontec, \u00a0\u00a0\u00a0Verizon ADSL Router \u00a0<\/em>\r\n<em>BEC Technologies Inc., \u00a0\u00a0\u00a0Broadcom ADSL Router\u00a0<\/em>\r\n<em>Best IT World India Pvt. Ltd., \u00a0\u00a0\u00a0150M Wireless-N ADSL2+ Router\u00a0<\/em>\r\n<em>Best IT World India Pvt. Ltd., \u00a0\u00a0\u00a0iB-WRA300N\u00a0<\/em>\r\n<em>Billion Electric Co., Ltd., \u00a0\u00a0\u00a0ADSL2+ Firewall Router\u00a0<\/em>\r\n<em>Billion Electric Co., Ltd., \u00a0\u00a0\u00a0BiPAC 7800NXL\u00a0<\/em>\r\n<em>Billion, \u00a0\u00a0\u00a0BiPAC 7700N\u00a0<\/em>\r\n<em>Billion, \u00a0\u00a0\u00a0BiPAC 7700N R2 \u00a0<\/em>\r\n<em>Binatone Telecommunication, \u00a0\u00a0\u00a0Broadcom LAN Router\u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0ADSL Router\u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0ADSL2+ 11n WiFi CPE \u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0Broadcom\u00a0 Router \u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0D-Link DSL-2640B \u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0D-link ADSL Router \u00a0<\/em>\r\n<em>Broadcom, \u00a0\u00a0\u00a0DLink ADSL Router \u00a0<\/em>\r\n<em>ClearAccess, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Comtrend, \u00a0\u00a0\u00a0AR-5383n\u00a0<\/em>\r\n<em>Comtrend, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Comtrend, \u00a0\u00a0\u00a0Comtrend single-chip ADSL router \u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-Link DSL-2640B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-Link DSL-2641B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-Link DSL-2740B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-Link DSL-2750B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-LinkDSL-2640B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-LinkDSL-2641B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0D-LinkDSL-2741B\u00a0<\/em>\r\n<em>D-Link Corporation., \u00a0\u00a0\u00a0DSL-2640B\u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0ADSL 4*FE 11n Router \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link ADSL Router \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-2640U \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-2730B \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-2730U \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-2750B \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-2750U \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL-6751 \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link DSL2750U \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-Link Router \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0D-link ADSL Router \u00a0<\/em>\r\n<em>D-Link, \u00a0\u00a0\u00a0DVA-G3672B-LTT Networks ADSL Router \u00a0<\/em>\r\n<em>DARE, \u00a0\u00a0\u00a0Dare router \u00a0<\/em>\r\n<em>DLink, \u00a0\u00a0\u00a0D-Link DSL-2730B \u00a0<\/em>\r\n<em>DLink, \u00a0\u00a0\u00a0D-Link VDSL Router \u00a0<\/em>\r\n<em>DLink, \u00a0\u00a0\u00a0DLink ADSL Router \u00a0<\/em>\r\n<em>DQ Technology, Inc., \u00a0\u00a0\u00a0ADSL2+ 11n WiFi CPE\u00a0<\/em>\r\n<em>DQ Technology, Inc., \u00a0\u00a0\u00a0Broadcom ADSL Router\u00a0<\/em>\r\n<em>DSL, \u00a0\u00a0\u00a0ADSL Router \u00a0<\/em>\r\n<em>DareGlobal, \u00a0\u00a0\u00a0D-Link ADSL Router \u00a0<\/em>\r\n<em>Digicom S.p.A., \u00a0\u00a0\u00a0ADSL Wireless Modem\/Router \u00a0<\/em>\r\n<em>Digicom S.p.A., \u00a0\u00a0\u00a0RAW300C-T03\u00a0<\/em>\r\n<em>Dlink, \u00a0\u00a0\u00a0D-Link DSL-225 \u00a0<\/em>\r\n<em>Eltex, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>FiberHome, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>GWD, \u00a0\u00a0\u00a0ChinaTelecom E8C(EPON) Gateway \u00a0<\/em>\r\n<em>Genew, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>INTEX, \u00a0\u00a0\u00a0W150D\u00a0<\/em>\r\n<em>INTEX, \u00a0\u00a0\u00a0W300D\u00a0<\/em>\r\n<em>INTEX, \u00a0\u00a0\u00a0Wireless N 150 ADSL2+ Modem Router \u00a0<\/em>\r\n<em>INTEX, \u00a0\u00a0\u00a0Wireless N 300 ADSL2+ Modem Router \u00a0<\/em>\r\n<em>ITI Ltd., \u00a0\u00a0\u00a0ITI Ltd.ADSL2Plus Modem\/Router \u00a0<\/em>\r\n<em>Inteno, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Intercross, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>IskraTEL, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Kasda, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Link-One, \u00a0\u00a0\u00a0Modem Roteador Wireless N ADSL2+ 150 Mbps \u00a0<\/em>\r\n<em>Linksys, \u00a0\u00a0\u00a0Cisco X1000\u00a0<\/em>\r\n<em>Linksys, \u00a0\u00a0\u00a0Cisco X3500\u00a0<\/em>\r\n<em>NB, \u00a0\u00a0\u00a0DSL-2740B \u00a0<\/em>\r\n<em>NetComm Wireless Limited, \u00a0\u00a0\u00a0NetComm ADSL2+ Wireless Router \u00a0<\/em>\r\n<em>NetComm, \u00a0\u00a0\u00a0NetComm ADSL2+ Wireless Router \u00a0<\/em>\r\n<em>NetComm, \u00a0\u00a0\u00a0NetComm WiFi Data and VoIP Gateway<\/em>\r\n<em>OPTICOM, \u00a0\u00a0\u00a0DSLink 279\u00a0<\/em>\r\n<em>Opticom, \u00a0\u00a0\u00a0DSLink 485\u00a0<\/em>\r\n<em>Orcon, \u00a0\u00a0\u00a0Genius\u00a0<\/em>\r\n<em>QTECH, \u00a0\u00a0\u00a0QTECH\u00a0<\/em>\r\n<em>Raisecom, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Ramptel, \u00a0\u00a0\u00a0300Mbps ADSL Wireless-N Router \u00a0<\/em>\r\n<em>Router, \u00a0\u00a0\u00a0ADSL2+ Router \u00a0<\/em>\r\n<em>SCTY, \u00a0\u00a0\u00a0TYKH PON Router \u00a0<\/em>\r\n<em>Star-Net, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Starbridge Networks, \u00a0\u00a0\u00a0Broadcom ADSL Router\u00a0<\/em>\r\n<em>TP-LINK Technologies Co., Ltd, \u00a0\u00a0\u00a0300Mbps Wireless N ADSL2+ Modem Router \u00a0<\/em>\r\n<em>TP-LINK Technologies Co., Ltd, \u00a0\u00a0\u00a0300Mbps Wireless N USB ADSL2+ Modem Router \u00a0<\/em>\r\n<em>TP-LINK, \u00a0\u00a0\u00a0TP-LINK Wireless ADSL2+ Modem Router \u00a0<\/em>\r\n<em>TP-LINK, \u00a0\u00a0\u00a0TP-LINK Wireless ADSL2+ Router \u00a0<\/em>\r\n<em>Technicolor, \u00a0\u00a0\u00a0CenturyLink TR-064 v4.0 \u00a0<\/em>\r\n<em>Tenda, \u00a0\u00a0\u00a0Tenda ADSL2+ WIFI MODEM \u00a0<\/em>\r\n<em>Tenda, \u00a0\u00a0\u00a0Tenda ADSL2+ WIFI Router \u00a0<\/em>\r\n<em>Tenda, \u00a0\u00a0\u00a0Tenda Gateway \u00a0<\/em>\r\n<em>Tenda\/Imex, \u00a0\u00a0\u00a0ADSL2+ WIFI-MODEM WITH 3G\/4G USB PORT \u00a0<\/em>\r\n<em>Tenda\/Imex, \u00a0\u00a0\u00a0ADSL2+ WIFI-MODEM WITH EVO SUPPORT \u00a0<\/em>\r\n<em>UTStarcom Inc., \u00a0\u00a0\u00a0UTStarcom ADSL2+ Modem Router \u00a0<\/em>\r\n<em>UTStarcom Inc., \u00a0\u00a0\u00a0UTStarcom ADSL2+ Modem\/Wireless Router \u00a0<\/em>\r\n<em>UniqueNet Solutions, \u00a0\u00a0\u00a0WLAN N300 ADSL2+ Modem Router \u00a0<\/em>\r\n<em>ZTE, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>ZTE, \u00a0\u00a0\u00a0ONU Router \u00a0<\/em>\r\n<em>ZYXEL, \u00a0\u00a0\u00a0ZyXEL VDSL Router \u00a0<\/em>\r\n<em>Zhone, \u00a0\u00a0\u00a0Broadcom ADSL Router \u00a0<\/em>\r\n<em>Zhone, \u00a0\u00a0\u00a0Zhone Wireless Gateway \u00a0<\/em>\r\n<em>Zoom, \u00a0\u00a0\u00a0Zoom Adsl Modem\/Router \u00a0<\/em>\r\n<em>ZyXEL, \u00a0\u00a0\u00a0CenturyLink UPnP v1.0 \u00a0<\/em>\r\n<em>ZyXEL, \u00a0\u00a0\u00a0P-660HN-51 \u00a0<\/em>\r\n<em>ZyXEL, \u00a0\u00a0\u00a0ZyXEL xDSL Router \u00a0<\/em>\r\n<em>huaqin, \u00a0\u00a0\u00a0HGU210 v3 Router \u00a0<\/em>\r\n<em>iBall Baton, \u00a0\u00a0\u00a0iBall Baton 150M Wireless-N ADSL2+ Router \u00a0<\/em>\r\n<em>iiNet Limited, \u00a0\u00a0\u00a0BudiiLite\u00a0<\/em>\r\n<em>iiNet, \u00a0\u00a0\u00a0BoB2\u00a0<\/em>\r\n<em>iiNet, \u00a0\u00a0\u00a0BoBLite\u00a0<\/em>","protected":false},"excerpt":{"rendered":"<p>Depuis septembre 2018, 360Netlab Scanmon a d\u00e9tect\u00e9 plusieurs pics d&rsquo;activit\u00e9 de scan sur le port TCP 5431. Les relev\u00e9s ont \u00e9t\u00e9 enregistr\u00e9s chaque fois que le nombre de connexions (tentatives de scan) d\u00e9passait 100 000.<\/p>\n","protected":false},"author":7,"featured_media":13317,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[110,48],"tags":[],"class_list":["post-13315","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-telecom"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>(English) VASExperts<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/\",\"url\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/\",\"name\":\"[:en]Botnet spams through routers: network protection from DDoS attacks[:es]Spam de botnets a trav\u00e9s de routers: protecci\u00f3n de la red contra ataques DDoS[:fr]Botnets spamm\u00e9s via les routeurs\u00a0: protection du r\u00e9seau contre les attaques DDoS[:br]Spams de botnets atrav\u00e9s de roteadores: prote\u00e7\u00e3o de rede contra ataques DDoS\",\"isPartOf\":{\"@id\":\"https:\/\/vasexperts.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage\"},\"thumbnailUrl\":\"\/wp-content\/uploads\/2025\/09\/bot_router.jpg\",\"datePublished\":\"2018-11-26T15:25:53+00:00\",\"dateModified\":\"2025-09-09T12:07:38+00:00\",\"author\":{\"@id\":\"https:\/\/vasexperts.com\/#\/schema\/person\/f4edcaef26fe49b6b59baf8ac5b62170\"},\"description\":\"[:en]The interaction between a botnet and a \u201cvictim\u201d resulting in the device becoming a bot that performs the tasks of the primary botnet.[:es]La interacci\u00f3n entre una red de bots y una \u00abv\u00edctima\u00bb que da como resultado que el dispositivo se convierta en un bot que realiza las tareas de la red de bots principal.[:fr]Interaction entre un botnet et une \u00ab\u00a0victime\u00a0\u00bb\u00a0: l'appareil devient un bot ex\u00e9cutant les t\u00e2ches du botnet principal.[:br]A intera\u00e7\u00e3o entre uma botnet e uma \\\"v\u00edtima\\\", resultando na transforma\u00e7\u00e3o do dispositivo em um bot que executa as tarefas da botnet prim\u00e1ria.\",\"breadcrumb\":{\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage\",\"url\":\"\/wp-content\/uploads\/2025\/09\/bot_router.jpg\",\"contentUrl\":\"\/wp-content\/uploads\/2025\/09\/bot_router.jpg\",\"width\":1278,\"height\":852,\"caption\":\"botnet router\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u0413\u043b\u0430\u0432\u043d\u0430\u044f \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430\",\"item\":\"https:\/\/vasexperts.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The botnet spams via routers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/vasexperts.com\/#website\",\"url\":\"https:\/\/vasexperts.com\/\",\"name\":\"ITGLOBAL.COM\",\"description\":\"(English) VASExperts\",\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/vasexperts.com\/#\/schema\/person\/f4edcaef26fe49b6b59baf8ac5b62170\",\"name\":\"Elena Rudich\",\"url\":\"https:\/\/vasexperts.com\/fr\/blog\/author\/elena-rudich\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"(English) VASExperts","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/","url":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/","name":"[:en]Botnet spams through routers: network protection from DDoS attacks[:es]Spam de botnets a trav\u00e9s de routers: protecci\u00f3n de la red contra ataques DDoS[:fr]Botnets spamm\u00e9s via les routeurs\u00a0: protection du r\u00e9seau contre les attaques DDoS[:br]Spams de botnets atrav\u00e9s de roteadores: prote\u00e7\u00e3o de rede contra ataques DDoS","isPartOf":{"@id":"https:\/\/vasexperts.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage"},"image":{"@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage"},"thumbnailUrl":"\/wp-content\/uploads\/2025\/09\/bot_router.jpg","datePublished":"2018-11-26T15:25:53+00:00","dateModified":"2025-09-09T12:07:38+00:00","author":{"@id":"https:\/\/vasexperts.com\/#\/schema\/person\/f4edcaef26fe49b6b59baf8ac5b62170"},"description":"[:en]The interaction between a botnet and a \u201cvictim\u201d resulting in the device becoming a bot that performs the tasks of the primary botnet.[:es]La interacci\u00f3n entre una red de bots y una \u00abv\u00edctima\u00bb que da como resultado que el dispositivo se convierta en un bot que realiza las tareas de la red de bots principal.[:fr]Interaction entre un botnet et une \u00ab\u00a0victime\u00a0\u00bb\u00a0: l'appareil devient un bot ex\u00e9cutant les t\u00e2ches du botnet principal.[:br]A intera\u00e7\u00e3o entre uma botnet e uma \"v\u00edtima\", resultando na transforma\u00e7\u00e3o do dispositivo em um bot que executa as tarefas da botnet prim\u00e1ria.","breadcrumb":{"@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#primaryimage","url":"\/wp-content\/uploads\/2025\/09\/bot_router.jpg","contentUrl":"\/wp-content\/uploads\/2025\/09\/bot_router.jpg","width":1278,"height":852,"caption":"botnet router"},{"@type":"BreadcrumbList","@id":"https:\/\/vasexperts.com\/blog\/security\/the-botnet-spams-via-routers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u0413\u043b\u0430\u0432\u043d\u0430\u044f \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430","item":"https:\/\/vasexperts.com\/"},{"@type":"ListItem","position":2,"name":"The botnet spams via routers"}]},{"@type":"WebSite","@id":"https:\/\/vasexperts.com\/#website","url":"https:\/\/vasexperts.com\/","name":"ITGLOBAL.COM","description":"(English) VASExperts","inLanguage":"fr-FR"},{"@type":"Person","@id":"https:\/\/vasexperts.com\/#\/schema\/person\/f4edcaef26fe49b6b59baf8ac5b62170","name":"Elena Rudich","url":"https:\/\/vasexperts.com\/fr\/blog\/author\/elena-rudich\/"}]}},"_links":{"self":[{"href":"https:\/\/vasexperts.com\/fr\/wp-json\/wp\/v2\/posts\/13315"}],"collection":[{"href":"https:\/\/vasexperts.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vasexperts.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vasexperts.com\/fr\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/vasexperts.com\/fr\/wp-json\/wp\/v2\/comments?post=13315"}],"version-history":[{"count":6,"href":"https:\/\/vasexperts.com\/fr\/wp-json\/wp\/v2\/posts\/13315\/revisions"}],"predecessor-version":[{"id":13328,"href":"https:\/\/vasexperts.com\/fr\/wp-json\/wp\/v2\/posts\/13315\/revisions\/13328"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/vasexperts.com\/fr\/wp-json\/wp\/v2\/media\/13317"}],"wp:attachment":[{"href":"https:\/\/vasexperts.com\/fr\/wp-json\/wp\/v2\/media?parent=13315"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vasexperts.com\/fr\/wp-json\/wp\/v2\/categories?post=13315"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vasexperts.com\/fr\/wp-json\/wp\/v2\/tags?post=13315"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}