19 January 2021

OpenWrt Project discloses data breach


OpenWrt Project discloses data breach

Maintainers behind OpenWrt, an open-source project for embedded operating systems based on Linux, primarily used on embedded devices to route network traffic, have disclosed a security breach, which resulted in user data being stolen by the intruders.

According to a post on the OpenWrt forum, the breach took place on Saturday, January 16. The hackers gained access to an administrator account on the OpenWrt forum and stole a copy of the user list that contains email addresses, handles, and other statistical information about the users.

It is not clear how the attackers were able to access the account, it had a good password, although it did not have two-factor authentication enabled, the OpenWRT team said.

While the team said it did not believe that the attackers could download the database, from an abundance of caution, the team reset all passwords on the Forum, and flushed any API keys.

Forum administrators recommend users to reset their password manually on the OpenWrt Forum website by following the “get a new password” instructions. If users use Github login/OAuth key, they should reset/refresh it.

"You should assume that your email address and handle have been disclosed. That means you may get phishing emails that include your name. DO NOT click links, but instead manually type the URL of the forum as above," forum admins cautioned.

The team also said that there is no reason to believe there has been any compromise to the Wiki credentials as the OpenWrt forum credentials are entirely independent of the OpenWrt Wiki.

Back to the list

Latest Posts

Vulnerability summary for the week: March 5, 2021

Vulnerability summary for the week: March 5, 2021

A weekly vulnerability digest.
5 March 2021
Microsoft shares details on three new malware strains used in SolarWinds hack

Microsoft shares details on three new malware strains used in SolarWinds hack

GoldMax, Sibot and GoldFinder were used by attackers to achieve persistence on the infected machines and perform actions post-compromise.
5 March 2021
Four notorious cybercrime forums hacked

Four notorious cybercrime forums hacked

The list of hacked crime forums includes Maza, Verified, Crdclub and Exploit.
5 March 2021