ADVERTISEMENT

Massive Keenetic data leak uncovered: 1M households could be exposed

Users of Keenetic routers, mainly in Russia, have been exposed in a major data leak revealing sensitive credentials, device details, network configurations, and logs. With this information, hackers can directly connect and overtake affected networks. However, the vendor estimates the risk of fraudulent activity to be low.

Keenetic router leak research

Image by Cybernews.

Ernestas Naprys
Ernestas Naprys Senior Journalist
Mar 21, 2025 Updated: 21 March 2025 5 min read

What did the anonymous source say?

  • 1,034,920 exposed records with extensive user data: emails, names, locales, Keycloak identity management system and Network Order IDs, and Telegram Code IDs.
  • 929,501 leaked records contain detailed device information: WiFi SSIDs and passwords in plain text, device models, serial numbers, interfaces, MAC addresses, domain names for external access, encryption keys, and much more.
  • 558,371 device Configuration records: user access details, vulnerable MD-5 hashed passwords, assigned IP addresses, and expanded router settings.
  • Comprehensive service logs containing over 53,869,785 records: hostnames, MAC addresses, IPs, access details, and even “owner_is_pirate” flags.
keenetic-leak1
  • Keenetic device user account passwords
  • WiFi passwords
  • VPN-client passwords/pre-shared keys for PPTP/L2TP, L2TP/IPSec, IPSec Site-to-Site, SSTP

What did the company say about the leak?

keenetic-leak3

What else we know about the leak: ties to Russian developers

ADVERTISEMENT
keenetic-leak2

Keenetic is cutting its Russian roots

keenetic-ru-website

Significant risks: plain text passwords are hackers’ dream

keenetic-leak4

Reconsider if you need unencrypted cloud backup

ADVERTISEMENT