Pretty damning article from Krebsonsecurity about the Ubiquity breach and how they (allegedly) covered up the seriousness of it.
https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/
Pretty bad huh
This doesn't surprise me at all. They seem to be falling to pieces at the moment.
Why anyone would use the UBNT public cloud services as opposed to just running their own is a mystery.
Could have been quite funny to see all the USG's turned in to bitcoin miners or a botnet though haha.
@chevrolux The problem is all their new gear (the Dream Machines) force you to use the cloud services these days.
The UniFi controller I run is not linked to the cloud service. But IMO Ubiquiti have been going downhill for the last couple of years.
Do I still sell their products? Yes, because they're well suited for people who want something simple. Do I use them myself? No, I switched to Mikrotik and now have Cambium access points.
I am glad we got away from them after having 18 months of bad firmware updates, and nearly 100% failure rates across equipment supplied. We have one customer who has it, and we advised them 12 months ago in the strongest terms not to use UBNT equipment any longer after the third outage of their network in as many weeks. It did stabilize, but now they are busy changing passwords everywhere.
Every vendor has it's challenges, but I have to say, UBNT seemed really average to us right after a fairly promising start. I just got the feeling they had lost whatever made them so good to start with, and it wasn't coming back.
I see that often, people saying they have lots of failures with Ubiquiti stuff, but I've been selling and using it myself for years and only ever seen one AP fail. And that was one that the customer bought themselves so not sure where it even came from.
Pretty bad though of them trying to cover up how bad this breach was.
Don't understand why companies do that as the truth eventually comes out anyway and just makes them look even worse.
SpartanVXL: This is related to their cloud services correct?
Firmware updates to edgerouter have been okay, or is everyone here talking about different product ranges when they mention bad experiences?
Yea this is in relation to their Unifi cloud portal which they're now forcing you to connect their newer devices to, that host the controller software on them.
EG: Unifi Dream Machine / Pro & the cloud key gen2
Thought I'd unlock this for a follow-up: https://www.bleepingcomputer.com/news/security/former-ubiquiti-dev-charged-for-trying-to-extort-his-employer/
Nickolas Sharp, a former employee of networking device maker Ubiquiti, was arrested and charged today with data theft and attempting to extort his employer while posing as a whistleblower and an anonymous hacker.
"As alleged, Nickolas Sharp exploited his access as a trusted insider to steal gigabytes of confidential data from his employer, then, posing as an anonymous hacker, sent the company a nearly $2 million ransom demand," U.S. Attorney Damian Williams said today.
"As further alleged, after the FBI searched his home in connection with the theft, Sharp, now posing as an anonymous company whistleblower, planted damaging news stories falsely claiming the theft had been by a hacker enabled by a vulnerability in the company's computer systems."
That is interesting. I thought Ubiquiti handled the breach poorly but will be interested to go back and re-review their response knowing what we know now.
Edit: Troy Hunt had the same thought as me and has gone back over the announcements in a series of tweets: https://twitter.com/troyhunt/status/1466211715582873600