AdGuard resets all user passwords after credential stuffing attack
Security
AdGuard, a popular ad blocker for Android, iOS, Windows, and Mac, has reset all user passwords, the company's CTO Andrey Meshkov announced today.
The company took this decision after suffering a brute-force attack during which an unknown attacker tried to log into user accounts by guessing their passwords.
Meshkov said the attacker used emails and passwords that were previously leaked into the public domain after breaches at other companies.
This type of attack --using leaked usernames and passwords to hack into accounts at other services-- is known as credential stuffing.
Also: Zaif cryptocurrency exchange loses $60 million in recent hack
The AdGuard CTO said attackers were successful in their assault and gained access to some AdGuard accounts, used for storing ad blocker settings.
"We don't know what accounts exactly were accessed by the attackers," Meshkov said. "All passwords stored in AdGuard database are encrypted so we cannot check whether any of them is present in the known leaked database. That's why we decided to reset passwords of all users."
The company says it implemented the Have I Been Pwned API into their existing infrastructure so that when users will configure a new password, the AdGuard system will warn them if they're using passwords leaked at other services.
Meshkov said AdGuard now also uses stricter rules for choosing passwords, and they also intend to support two-factor authentication in the future.
CNET: Equifax just took another hit from that 2017 hack
The AdGuard exec also revealed that the company found out about the attack after its rate-limiting systems detected the numerous failed login attempts during the password guessing phase of the attack.
Most of the attacks were stopped, but some were successful, which usually tends to happen when attackers get lucky and guess the proper combination during the first login attempts.
It is unclear what the attackers were attempting to do with such low-value accounts.
These are 2018's biggest hacks, leaks, and data breaches
Previous and related coverage:
What is malware? Everything you need to know
Cyber attacks and malware are one of the biggest threats on the internet. Learn about the different types of malware - and how to avoid falling victim to attacks.
Security 101: Here's how to keep your data private, step by step
This simple advice will help to protect you against hackers and government surveillance.
VPN services 2018: The ultimate guide to protecting your data on the internet
Whether you're in the office or on the road, a VPN is still one of the best ways to protect yourself on the big, bad internet.
Five computer security questions you must be able to answer right now
If you can't answer these basic questions, your security could be at risk.
Critical infrastructure will have to operate if there's malware on it or not
Retired US Air Force cyber-security expert shares his thoughts on the future of critical infrastructure security.
Ordinary Wi-Fi devices can be used to detect suspicious luggage, bombs, weapons
Researchers turn ordinary WiFi devices in rudimentary scanners that can identify potentially dangerous objects hidden inside bags or luggage.
Related stories:
- Nasty piece of CSS code crashes and restarts iPhones
- FragmentSmack vulnerability also affects Windows, but Microsoft patched it
- Data breaches affect stock performance in the long run, study finds
- Why the 'fixed' Windows EternalBlue exploit won't die
- Hackers swipe card numbers from local government payment portals
- Chinese police arrest hacker who sold data of millions of hotel guests on the dark web
- Access to over 3,000 backdoored sites sold on Russian hacking forum
- Canadian retailer's servers storing 15 years of user data sold on Craigslist
- Broadcaster ABS-CBN customer data stolen, sent to Russian servers
- 'Hacky hack hack': Teen arrested for breaking into Apple's network TechRepublic