OpenWRT Discloses Data Breach After Cybercriminals Broke Into Forum Admin Account

OpenWRT Discloses Data Breach After Cybercriminals Broke Into Forum Admin Account

The maintainers of OpenWRT, an open-source project that provides free and customizable firmware for home routers, have disclosed a security breach that took place over the weekend.

According to a message posted on the project's forum and distributed via multiple Linux and FOSS-themed mailing lists, the security breach took place on Saturday, January 16, around 16:00 GMT, after a hacker accessed the account of a forum administrator.


"It is not known how the account was accessed: the account had a good password, but did not have two-factor authentication enabled," the message reads.


The OpenWRT team said that while the attacker was not able to download a full copy of its database, the attack did download a list of forum users, which included personal details such as forum usernames and email addresses.


No passwords were included in the downloaded data, but citing an "abundance of caution," OpenWRT administrators have reset all forum user passwords and API keys.


The project is now informing users that the next time they log into their accounts, they'll need to go through the password recovery procedure. This process is also mandatory for those using OAuth tokens, who will need to re-sync their accounts.


Great phishing opportunity for supply chain attacks


Furthermore, OpenWRT admins are also warning forum users that they also might see an increase in email phishing attempts.

While some might argue about what's so important about an OpenWRT forum account, the portal is often frequented by deve ..

Support the originator by clicking the read the rest link below.