[Community] Fwd: [afnog] Ubiquiti AirOS/AirMax worm in the wild

Moussa Dethie Sarr mdsarr at univ-thies.sn
Sun May 15 17:05:21 GMT 2016


thanks omo for this information.
i'm running upgrade on our 10 P2P ubiquiti airmax device to 5.6.4,



2016-05-15 12:21 GMT+02:00 Omo Oaiya <Omo.Oaiya at wacren.net>:

> For latest news follow @WACREN on Twitter - https://twitter.com/wacren
>
> For those that run Ubiquity
>
> -Omo
> ---------- Forwarded message ----------
> From: "Phil Regnauld" <regnauld at nsrc.org>
> Date: 15 May 2016 7:59 a.m.
> Subject: [afnog] Ubiquiti AirOS/AirMax worm in the wild
> To: <afnog at afnog.org>
> Cc:
>
> Forwarding this from a colleague. The reference to the PHP exploit could
>> be related, but either way, it's happening now.
>>
>> - - - -
>>
>> I'm told that the local WISP operator community is dealing with a new
>> worm[1] that exploits Ubiquiti AirOS devices running older firmwares.
>> This could potentially be a lot of devices.
>>
>>
>> http://community.ubnt.com/t5/airMAX-General-Discussion/Virus-attack-URGENT-UBNT/td-p/1562940
>> has ISPs from Spain, Brasil, and the US reporting infections in the
>> last 24 hours.
>>
>> Versions prior to these are vulnerable:
>>
>> 5.5.11 XM/TI.
>> 5.5.10u2 XW
>> 5.6.2 XW/XM/TI
>>
>> There looks to be some more information here:
>> https://hackerone.com/reports/73491
>>
>> If you know anyone who makes use of UBNT AirOS products, now might be
>> a time to give them a nudge.
>>
>>
>> [1] quote from the forums "It's a self-distributing virus, so, once it
>> can "see" neighbour antenas within the same subnet, it attacks the
>> others."
>>
>> - - - -
>>
>>
>> _______________________________________________
>> afnog mailing list
>> https://www.afnog.org/mailman/listinfo/afnog
>>
>
> _______________________________________________
> Community mailing list
> Community at lists.wacren.net
> http://lists.wacren.net/mailman/listinfo/community
>
>
-------------- section suivante --------------
Une pièce jointe HTML a été nettoyée...
URL: <http://lists.wacren.net/mailman/private/community/attachments/20160515/94840149/attachment.html>


More information about the Community mailing list