UpnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting, says NetLab blog. NetLab has detected at least 3.37 million public IPs scanned by the botnet looking for a broadcom-based router. Attackers can use this command to build a proxy network, and then profit from doing things such as sending spam, simulating clicks, and so on. All home router manufacturers turn-on UPnP by default, first to make their customers happy, lessening any possible support calls.”]
Source: https://hackercombat.com/upnp-exploiting-botnet-infecting-100000-home-routers-and-still-counting/