Ubiquity Breach

Johnboy1951

As this section appears to be with the most suggestions for Ubiquity products I thought to post this here rather than elsewhere.
I have no objection to it being moved if mods consider it inappropriate for this section of Boards.

Ubiquiti is accused of covering up a ‘catastrophic’ data breach — and it’s not denying it

A whistleblower said the company downplayed a “catastrophic” incident

https://www.theverge.com/2021/3/31/22360409/ubiquiti-networking-data-breach-response-whistleblower-cybersecurity-incident

.

m99T

Laughed at this. Its really bad to be honest.

ED E

An open S3 bucket is fairly common. Losing control of your AWS console, poor. Pretending it didnt happen? Just cease trading thanks.

babelfish1990

Johnboy1951 wrote: »

As this section appears to be with the most suggestions for Ubiquity products I thought to post this here rather than elsewhere.
I have no objection to it being moved if mods consider it inappropriate for this section of Boards.




https://www.theverge.com/2021/3/31/22360409/ubiquiti-networking-data-breach-response-whistleblower-cybersecurity-incident

.

Thanks for the tip-off. I never used the cloud management features from Ubiquiti, and only ever managed my APs locally within my LAN - so hopefully should be clear of this risk.

I have found their products excellent, so it is a shame to see this incident occurring. Although there is now a wide variety of options available for Wired/WiFi APs and Mesh devices, Ubiquiti has supported affordable POE, which is not generally available in devices sold to for the consumer market.

daraghwal

I always used my laptop as the controller and left any setups without any controller running. No more complex than an eir F2000 and PoE switch with a couple AC Lite APs attached. I can't think how they could be but doesn't anyone else think that these setups are compromised even though they have no WAN access to the APs or is it just me who needs to change any passwords related to ubiquiti.

frozenfrozen

Anyone ever flashed openWRT onto their Ubiquiti APs?

seems to be popular to do now. Wouldn't mind flashing it onto my NanoHD ap. Whatever about the leak I just find the performance very poor, new devices constantly getting negotiated down to 2.4GHz or being on 5GHz but at something ridiculous like 28mbps. Then an off and on of wifi on the device and they're back at 200+ from the same location.

And I haven't got the 650mbps speeds I had on day 1 since about day 10...

Wouldn't recommend them at all now

BailMeOut

daraghwal wrote: »

I always used my laptop as the controller and left any setups without any controller running. No more complex than an eir F2000 and PoE switch with a couple AC Lite APs attached. I can't think how they could be but doesn't anyone else think that these setups are compromised even though they have no WAN access to the APs or is it just me who needs to change any passwords related to ubiquiti.

The main concern is that they had access to code and firmware so just like with the Solarwinds breach you may have updated your firmware or controller software since then with embedded malicious code.

daraghwal

BailMeOut wrote: »

The main concern is that they had access to code and firmware so just like with the Solarwinds breach you may have updated your firmware or controller software since then with embedded malicious code.

There's me about to buy a couple Wifi 6 Lites off them :eek: Are there any other decent PoE access points in that price range that also look good on a ceiling?

BailMeOut

daraghwal wrote: »

There's me about to buy a couple Wifi 6 Lites off them :eek: Are there any other decent PoE access points in that price range that also look good on a ceiling?

I think you are ok now as one would assume they would have figured out if bad code was injected and would have been since removed. There however could have been a window where we all updated with compromised code at some point in the past.