The OpenWRT community forum behind the router firmware open source project was breached last weekend.
The data of users have been stolen which was just announced by the admin.
OpenWRT is an open source project that provides Linux distributions for embedded systems such as home routers. OpenWRT is therefore very commonly used in home routers. The project has its own forum to host its community.
Over the weekend, a hacker appears to have managed to breach the administrator's account and performencryption of user data. user. The hack posted on the forum.
On Saturday January 16, 2021, an unauthorized person hacked into an OpenWRT forum administrator account. The account was not audit protected identity δύο παραγόντων. Ο εισβολέας μπόρεσε να εξαγάγει ένα αντίγραφο της λίστας χρηστών, συμπεριλαμβανομένων διευθύνσεων ηλεκτρονικού ταχυδρομείου, καθώς και άλλων δεδομένων του λογαριασμού. Προς το παρόν, δεν είναι σαφές αν ο εισβολέας κατάφερε να αντιγράψει ολόκληρη τη βάση δεδομένων. Οι διαχειριστές του forum ζητούν από τους χρήστες να επαναφέρουν τους κωδικούς access forum and change API keys (eg reset an OAuth key).