• Encrypt-Keeper@lemmy.world
    link
    fedilink
    English
    arrow-up
    72
    ·
    edit-2
    10 months ago

    An important detail to mention is that every router involved were very old Ubiquiti EdgeRouters which were EOL’d like a year or two ago and they had remote administration enabled and were still using the default admin user and password.

    • Copernican@lemmy.world
      link
      fedilink
      English
      arrow-up
      18
      ·
      10 months ago

      I was running an edge router x until a few months ago. It was the cheapest set up to deploy a unifi wireless access point for my apartment. I was worried until I read:

      It affected routers running Ubiquiti’s EdgeOS, but only those that had not changed their default administrative password. Access to the routers allowed the hacking group to “conceal and otherwise enable a variety of crimes,” the DOJ claims, including spearphishing and credential harvesting in the US and abroad.

      Change you default passwords friends. Given that the edge router is not the most noob friendly device to set up, I’m curious how the user base of these devices is not changing the PW.