A note of caution, please, please change the default ubnt password of your devices.
As the press reported, the attack against DYN.com name servers on Friday were the result of a DDoS attack named Mirai. The source code for the attack has been posted for anyone to see. In short, the attack works by creating a botnet of Linux based devices. On command, these devices simultaneously flood their victim with massive numbers of requests. To infect devices, the bot has a list of 62 default username/password pairs. Among those is the EdgeMAX default, ubnt/ubnt.
If your device still has the default username and password enabled, it is likely part of that botnet. Change your password.
My question for the community is, once infected, are the changes to the device persistent, or are they lost on reboot?
↧
DDoS Attack and default passwords
↧