Whistleblower: Ubiquiti Breach "Catastrophic"

Forums › IT Pro and developers › Whistleblower: Ubiquiti Breach "Catastrophic"

amanzi

Amanzi
1354 posts

Uber Geek
+1 received by user: 331

ID Verified

Trusted

Lifetime subscriber

#284103 31-Mar-2021 11:13

Pretty damning article from Krebsonsecurity about the Ubiquity breach and how they (allegedly) covered up the seriousness of it.

https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/

boosacnoodle

1269 posts

Uber Geek
+1 received by user: 855

#2684658 31-Mar-2021 11:33

Pretty bad huh

wratterus

1687 posts

Uber Geek
+1 received by user: 678

#2684665 31-Mar-2021 11:44

This doesn't surprise me at all. They seem to be falling to pieces at the moment.

chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user

#2685185 1-Apr-2021 08:21

Why anyone would use the UBNT public cloud services as opposed to just running their own is a mystery.

Could have been quite funny to see all the USG's turned in to bitcoin miners or a botnet though haha.

michaelmurfy

meow
13579 posts

Uber Geek
+1 received by user: 10910

Moderator

ID Verified

Trusted

Lifetime subscriber

#2685199 1-Apr-2021 09:11

@chevrolux The problem is all their new gear (the Dream Machines) force you to use the cloud services these days.

The UniFi controller I run is not linked to the cloud service. But IMO Ubiquiti have been going downhill for the last couple of years.

Do I still sell their products? Yes, because they're well suited for people who want something simple. Do I use them myself? No, I switched to Mikrotik and now have Cambium access points.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

networkn

Networkn
32862 posts

Uber Geek
+1 received by user: 15453

ID Verified

Trusted

Lifetime subscriber

#2685218 1-Apr-2021 09:50

I am glad we got away from them after having 18 months of bad firmware updates, and nearly 100% failure rates across equipment supplied. We have one customer who has it, and we advised them 12 months ago in the strongest terms not to use UBNT equipment any longer after the third outage of their network in as many weeks. It did stabilize, but now they are busy changing passwords everywhere.

Every vendor has it's challenges, but I have to say, UBNT seemed really average to us right after a fairly promising start. I just got the feeling they had lost whatever made them so good to start with, and it wasn't coming back.

CYaBro

4708 posts

Uber Geek
+1 received by user: 1182

ID Verified

Trusted

#2685232 1-Apr-2021 10:21

networkn:

I am glad we got away from them after having 18 months of bad firmware updates, and nearly 100% failure rates across equipment supplied. We have one customer who has it, and we advised them 12 months ago in the strongest terms not to use UBNT equipment any longer after the third outage of their network in as many weeks. It did stabilize, but now they are busy changing passwords everywhere.

Every vendor has it's challenges, but I have to say, UBNT seemed really average to us right after a fairly promising start. I just got the feeling they had lost whatever made them so good to start with, and it wasn't coming back.

I see that often, people saying they have lots of failures with Ubiquiti stuff, but I've been selling and using it myself for years and only ever seen one AP fail. And that was one that the customer bought themselves so not sure where it even came from.
Pretty bad though of them trying to cover up how bad this breach was.
Don't understand why companies do that as the truth eventually comes out anyway and just makes them look even worse.

Opinions are my own and not the views of my employer.

AliExpress

Shop now on AliExpress (affiliate link).

SpartanVXL

1498 posts

Uber Geek
+1 received by user: 666

#2685242 1-Apr-2021 11:00

This is related to their cloud services correct?

Firmware updates to edgerouter have been okay, or is everyone here talking about different product ranges when they mention bad experiences?

CYaBro

4708 posts

Uber Geek
+1 received by user: 1182

ID Verified

Trusted

#2685296 1-Apr-2021 12:22

SpartanVXL: This is related to their cloud services correct?

Firmware updates to edgerouter have been okay, or is everyone here talking about different product ranges when they mention bad experiences?

Yea this is in relation to their Unifi cloud portal which they're now forcing you to connect their newer devices to, that host the controller software on them.
EG: Unifi Dream Machine / Pro & the cloud key gen2

Opinions are my own and not the views of my employer.

michaelmurfy

meow
13579 posts

Uber Geek
+1 received by user: 10910

Moderator

ID Verified

Trusted

Lifetime subscriber

#2823347 2-Dec-2021 17:34

Thought I'd unlock this for a follow-up: https://www.bleepingcomputer.com/news/security/former-ubiquiti-dev-charged-for-trying-to-extort-his-employer/

Nickolas Sharp, a former employee of networking device maker Ubiquiti, was arrested and charged today with data theft and attempting to extort his employer while posing as a whistleblower and an anonymous hacker.

"As alleged, Nickolas Sharp exploited his access as a trusted insider to steal gigabytes of confidential data from his employer, then, posing as an anonymous hacker, sent the company a nearly $2 million ransom demand," U.S. Attorney Damian Williams said today.

"As further alleged, after the FBI searched his home in connection with the theft, Sharp, now posing as an anonymous company whistleblower, planted damaging news stories falsely claiming the theft had been by a hacker enabled by a vulnerability in the company's computer systems."

amanzi

Amanzi
1354 posts

Uber Geek
+1 received by user: 331

ID Verified

Trusted

Lifetime subscriber

#2823350 2-Dec-2021 17:46

That is interesting. I thought Ubiquiti handled the breach poorly but will be interested to go back and re-review their response knowing what we know now.

Edit: Troy Hunt had the same thought as me and has gone back over the announcements in a series of tweets: https://twitter.com/troyhunt/status/1466211715582873600

Paul1977

5171 posts

Uber Geek
+1 received by user: 2192

#2823706 3-Dec-2021 11:30