Gassing Station » Computers, Gadgets & Stuff
PistonHeads » Gassing Station » The Pie & Piston » Computers, Gadgets & Stuff
Ubiquiti EdgeRouters - vunerability
My ProfileMy PreferencesMy Mates
SearchMy Stuff
What's New3122472

Ubiquiti EdgeRouters - vunerability

Reply
OP Posts Only
OP Posts Only
Reply
OP Posts Only
Author
Discussion

Brother D

Original Poster:

3,963 posts

183 months

[report]
[news]
Wednesday 28th February
quotequote all
I know a lot of people are very pro Unifi products on this forum (myself included) but this popped up in my feed just to make anyone that uses the edge routers aware.

https://duo.com/decipher/fbi-details-apt28-attacks...

(Probably not that many people use the edge routers but still its something to be aware of).


megaphone

10,940 posts

258 months

[report]
[news]
Wednesday 28th February
quotequote all
Brother D said:
I know a lot of people are very pro Unifi products on this forum (myself included) but this popped up in my feed just to make anyone that uses the edge routers aware.

https://duo.com/decipher/fbi-details-apt28-attacks...

(Probably not that many people use the edge routers but still its something to be aware of).
Thanks, I run a few Edgerouters and will keep an eye on any news. All are on the latest firmware, all have strong passwords.

outnumbered

4,380 posts

241 months

[report]
[news]
Wednesday 28th February
quotequote all

This is actually old news, and it was simply caused by Ubiquiti shipping devices with a default "admin" password. So the hackers didn't even have to try very hard.

As long as you've changed the default account/password to something unguessable, or turned off management access from the internet, there's no problem.

Brother D

Original Poster:

3,963 posts

183 months

[report]
[news]
Thursday 29th February
quotequote all
outnumbered said:
This is actually old news, and it was simply caused by Ubiquiti shipping devices with a default "admin" password. So the hackers didn't even have to try very hard.

As long as you've changed the default account/password to something unguessable, or turned off management access from the internet, there's no problem.
No... this is something new - the FBI released a notification last week regarding this:

https://www.justice.gov/opa/pr/justice-department-...


camel_landy

5,089 posts

190 months

[report]
[news]
Thursday 29th February
quotequote all
Brother D said:
No... this is something new - the FBI released a notification last week regarding this:

https://www.justice.gov/opa/pr/justice-department-...
Not really, it's still relying on default admin creds:

FBI said:
Non-GRU cybercriminals installed the Moobot malware on Ubiquiti Edge OS routers that still used publicly known default administrator passwords. GRU hackers then used the Moobot malware to install their own bespoke scripts and files that repurposed the botnet, turning it into a global cyber espionage platform.
M
Reply
OP Posts Only
OP Posts Only
Reply
OP Posts Only

Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff