topic Re: Ruckus hacked or domain expired? Invite for Remote Management contains link to strange domain! in Apps and SPoT

Ruckus hacked or domain expired? Invite for Remote Management contains link to strange domain!

robert_winther — Mon, 01 Feb 2021 18:34:19 GMT

When I send an invitation thru the Ruckus Unleashed App (Android), the links the App sends starts like this:

http://unleasheddev.com/bmM9dW40MjE4MDIwMDU5[redacted]

It looks to me like the invitations created points to a site no longer under Ruckus control.

Have you been hacked or just allowed a domain to expire, letting someone else take over?

That site could register all clicks on links in invitations, including the GUID that should be a secret!

Looks to me like a MAJOR security issue. Will you look into it?

Re: Ruckus hacked or domain expired? Invite for Remote Management contains link to strange domain!

robert_winther — Mon, 01 Feb 2021 18:35:05 GMT

Screendump from site the invitation mail links to:

Re: Ruckus hacked or domain expired? Invite for Remote Management contains link to strange domain!

arsalan_habib — Mon, 01 Feb 2021 23:39:17 GMT

Hi Robert. We are aware of this issue and fixing it.

Re: Ruckus hacked or domain expired? Invite for Remote Management contains link to strange domain!

robert_winther — Tue, 02 Feb 2021 16:54:00 GMT

Thank you for the update.

Should we worry about the invitations we have already sent?

If the unleasheddev.com domain is not under your control, every request could have been logged.

Re: Ruckus hacked or domain expired? Invite for Remote Management contains link to strange domain!

arsalan_habib — Wed, 03 Feb 2021 01:52:07 GMT

Hi Robert, the invites by themselves do not expose any information. The app knows how to get the required information from it.

By the way with this invite on Android you will see a prompt to either open it on the browser or the Unleashed mobile app. When the user selects Mobile App, the Mobile App opens and gets access to this link. In this case this link is not hit at all.