Re: Is anyone using UPnP anyway?
UPnP is for devices on the internal network to request a dynamically assigned port to be forwarded to them - XBox and PS4 use it for multi player and online games, for example (without it, you would only be able to have 1 device on the network and you would have to manually do the port forwarding), Skype and many other services and protocols also rely on it, but always from inside the network to outside resources.
The problem is, UPnP can be turned on on any physical network port (as opposed to TCP port), LAN, WAN, Wi-Fi etc. The problem is the second one, many router manufacturers have turned it on by default on the WAN port, meaning that anybody outside the network can ask for port forwarding into the network!
This is security 101 and the engineers that came out with the bright idea of turning it on on the WAN port will be the first against the wall, when the revolution comes.
It might be interesting, if there is a case for the engineers and the router manufacturers to be charged with aiding and abetting these attacks.
That is why the routers should have this turned off by default, or better don't offer the option at all on home routers. If you really want to use routing and port forwarding within segmented networks, then you should be looking at professional devices.