• CEPro_logo_blue-new
  • TOPICS
      • News
        • People & Places
        • Product Briefs
      • Projects
      • Events
      • Control
        • Central Vac
        • Energy/Power
        • HVAC/IAQ
        • Interfaces/Devices
        • Lighting
        • Motorized Shades
        • Whole House Systems
      • Audio/Video
        • Audio/Video
        • AV Accessories
        • AV Racks
        • Cabling
        • Displays
        • Furniture
        • Headphones
        • Home Theater
        • Media
        • Mounts/Lifts
        • Multiroom AV
        • Projectors/Screens
        • Speakers/Subwoofers
        • Wireless AV
      • Security
        • Access Control
        • Alarms/Sensors
        • Services/Platforms
        • Surveillance/Cameras
      • Business Support
        • Associations/Buying Groups
        • Cell Phone Boosters
        • Distributors/Reps
        • Operations
        • Recurring Revenue
        • Research
        • Sales/Marketing
        • Software Services
        • Tools/Testers
      • Networking
        • Cellular
        • Devices/Equipment
        • Wireless
        • Wired/Installation
      • Markets
        • Builders
        • Commercial
        • Design
        • Europe
        • Outdoors
        • Resimercial
        • Wellness
      • CE Pro Hub Pages
        • Bose
        • Savant
        • Inside Sound United
  • PRODUCTS
  • RESOURCES
    • Reports/Downloads
    • Buyer’s Guide
    • Webcasts
    • Podcasts
    • Integrator Jobs
    • Digital Edition
    • CE Pro-iQ
  • SUBSCRIBE
    • CEDIA SHOW UPDATES
    • CEPRO PRINT EDITION
    • CEPRO DIGITAL EDITION
    • CEPRO NEWSLETTERS
  • DISCOVER
    • CEDIA Expo
      • September 29 – October 1
        Dallas, TX
      • VISIT SITE
    • KBIS
      • February 8 – 10
        Orlando, FL
      • VISIT SITE
    • Total Tech Summit
      • October 26 – 28
        Orlando, FL
      • VISIT SITE
    • Commercial Integrator
      • VISIT SITE
    • Security Sales
      • VISIT SITE
    • Tech Decisions
      • VISIT SITE
    • Campus Safety
      • VISIT SITE
    • Design Well
      • VISIT SITE
    • KBB Online
      • VISIT SITE
    • AV-iQ
      • VISIT SITE
    • CE Pro-iQ
      • VISIT SITE
  • Search
  • TOPICS
    • News
      • People & Places
      • Product Briefs
    • Projects
    • Events
    • Control
      • Central Vac
      • Energy/Power
      • HVAC/IAQ
      • Interfaces/Devices
      • Lighting
      • Motorized Shades
      • Whole House Systems
    • Audio/Video
      • Audio/Video
      • AV Accessories
      • AV Racks
      • Cabling
      • Displays
      • Furniture
      • Headphones
      • Home Theater
      • Media
      • Mounts/Lifts
      • Multiroom AV
      • Projectors/Screens
      • Speakers/Subwoofers
      • Wireless AV
    • Security
      • Access Control
      • Alarms/Sensors
      • Services/Platforms
      • Surveillance/Cameras
    • Business Support
      • Associations/Buying Groups
      • Cell Phone Boosters
      • Distributors/Reps
      • Operations
      • Recurring Revenue
      • Research
      • Sales/Marketing
      • Software Services
      • Tools/Testers
    • Networking
      • Cellular
      • Devices/Equipment
      • Wireless
      • Wired/Installation
    • Markets
      • Builders
      • Commercial
      • Design
      • Europe
      • Outdoors
      • Resimercial
      • Wellness
    • CE Pro Hub Pages
      • Savant
      • Bose
      • Inside Sound United
  • PRODUCTS
  • RESOURCES
    • Reports/Downloads
    • Buyer’s Guide
    • Webcasts
    • Podcasts
    • Integrator Jobs
    • Digital Edition
    • CE Pro-IQ
  • SUBSCRIBE
    • CEPRO PRINT EDITION
    • CEPRO DIGITAL EDITION
    • CEPRO NEWSLETTERS
    • CEDIA SHOW UPDATES
  • DISCOVER
    • Cedia Expo
      VISIT SITE
    • Commercial Integrator
      VISIT SITE
    • Security Sales
      VISIT SITE
    • Tech Decisions
      VISIT SITE
    • Campus Safety
      VISIT SITE
    • Design Well
      VISIT SITE
    • Total Tech Summit
      VISIT SITE
    • KBB Online
      VISIT SITE
    • AV-iQ
    • CE Pro-iQ
SUBSCRIBE CEDIA EXPO
POPULAR SEARCHES
News
Projects
Control
Audio Video
Security
Business Support
Markets
Devices/Equipment | Networking | News | Products
May 20, 2016

Nasty Ubiquiti Networks Malware: 5 Quick Tips for CE Pros

Vulnerabilities in Ubiquiti routers and wireless access points are wreaking havoc at ISPs. Here are five important lessons for integrators to avert potential network disasters in the future.
Julie Jacobson  
Vulnerabilities in Ubiquiti routers and wireless access points are wreaking havoc at ISPs. Here are five important lessons for integrators to avert potential network disasters in the future.
Article:
Devices/Equipment | Networking | News | Products
May 20, 2016

Nasty Ubiquiti Networks Malware: 5 Quick Tips for CE Pros

Self-replicating malware is taking down Internet services around the world, exploiting a vulnerability in popular wireless routers, access points and other networking gear from Ubiquiti Networks.

A popular networking brand for home-technology integrators, Ubiquiti warned users of a flaw in its AirOS firmware last July and provided a patch at that time. But the patch was not universally applied.

Ubiquiti now has provided a new patch that further protects potentially vulnerable devices. A notice from the company reads:

This is an HTTP/HTTPS exploit that doesn't require authentication. Simply having a radio on outdated firmware and having it's [sic] http/https interface exposed to the Internet is enough to get infected.  We are also recommending restricting all access to management interfaces via firewall filtering.

Hagai Feiner, principal of the integrator-centric networking firm Access Networks, reached out to CE Pro about the latest network breaches, offering these basic tips for averting potentially disastrous effects from network vulnerabilities in the future.

  1. Always patch your gear. 
  2. Balance security with remote access to your hardware by preferably using VPN tunnels instead of port forwarding.
  3. Choose hardware vendors and networking partners that you can rely on quick and consistent support.
  4. Work with vendors that allow mass firmware updates so that if something bad does happen, you have a simple way to bring your clients up to current standards.
  5. Always patch your gear.

Ars Technica notes that a quick way to determine if Ubiquiti products are affected is to log in to the device over SSH with the username “mother” and the password “f****r*”

If a shell window appears, the device has been compromised.

Feiner advises that the safest course is to save any device's configuration and then re-flash with the latest firmware.

Ubiquiti offers a removal tool, as well as instructions to re-flash manually. More details here.

ABOUT THE AUTHOR

Julie Jacobson
Follow
Julie Jacobson:
Julie Jacobson is founding editor of CE Pro, the leading media brand for the home-technology channel. She has covered the smart-home industry since 1994, long before there was much of an Internet, let alone an Internet of things. Currently she studies, speaks, writes and rabble-rouses in the areas of home automation, security, networked A/V, wellness-related technology, biophilic design, and the business of home technology. Julie majored in Economics at the University of Michigan, spent a year abroad at Cambridge University, and earned an MBA from the University of Texas at Austin. She is a recipient of the annual CTA TechHome Leadership Award, and a CEDIA Fellows honoree. A washed-up Ultimate Frisbee player, Julie currently resides in San Antonio, Texas and sometimes St. Paul, Minn. Follow on Twitter: @juliejacobson
View Julie Jacobson's complete profile

ARTICLE TOPICS

Devices/Equipment • Networking • News • Products

ARTICLE TAGS

Access Networks • Ubiquiti

SHARE

Share On Facebook
Share On Twitter
Share On Linkedin
Share On Whatsapp
Share Via Email
Copy URL
← Previous Article Next Article →
Article Audio/VideoMediaProducts

Marantz Introduces $999 CD 60 CD Player

The new CD 60 CD player from Marantz features its latest analog circuitry and a front USB type A input to allow users to employ the component as a DAC.
Article Amplifiers/ReceiversAudio/VideoMediaMultiroom AVProductsWireless AV

Denon 900 Series Includes HEOS-Enabled Integrated Amp

The new Denon 900 Series of components includes an integrated amp that offers the company's HEOS streaming platform and a CD player.
Article Audio/VideoMediaProducts

Marantz Introduces $999 CD 60 CD Player

The new CD 60 CD player from Marantz features its latest analog circuitry and a front USB type A input to allow users to employ the component as a DAC.
Article Audio/VideoFurnitureMounts/LiftsProducts

Common Myths About Mounting TVs Over Fireplaces

Neck strain, reduction in image quality, and heat problems are common objections integrators face from clients about mounting a TV over a fireplace. They are not true!

SHOW NEWSLETTER

Sign Up

CE Pro

Subscribe Sign Up

Content Types

News
Products
Projects
Companies
Downloads
Webcasts
Podcasts
Events

Specials

IntegratorJobs
CEDIA EXPO
CE Pro 100
CE Pro Summit
Awards Programs

Company Info

About
Contact Us
Customer Service
Media Solutions & Advertising

Subscribe

Magazine
Newsletters
Digital Edition

Connect

Twitter
Facebook
LinkedIn
YouTube
RSS Feed

Categories

AUDIO/VIDEO
AV Accessories
AV Racks
Amplifiers/Receivers
Cabling
Displays
Furniture
Mounts/Lifts
Multiroom AV
Projector Screens
Speakers/Subwoofers
Wireless AV
CONTROL
Central Vac
Energy/Power
Interfaces/Devices
HVAC/IAQ
Lighting
Motorized Shades
Whole-House Systems
NETWORKING
Cellular
Devices/Equipment
Wireless
Wiring/Installation
SECURITY
Access Control
Alarms/Sensors
Services/Platforms
Surveillance Cameras
BUSINESS SUPPORT
Associations/Buying Groups
Distributors/Reps
Operations
Recurring Revenue
Research
Sales/Marketing
Software/Services
Tools/Testers
MARKETS
Builders
Commercial
Design
Europe
Outdoors
Wellness
FOLLOW US ON
  • Follow
  • Follow
  • Follow
  • Follow
  • Follow

© 2021 Emerald X, LLC. All Rights Reserved.

  • ABOUT
  • CAREERS
  • TERMS OF USE
  • PRIVACY POLICY