To ensure safety, AdGuard users were asked to go to Have I Been Pwned to check if their accounts had been compromised in any previous data breach. Fortunately, the company confirmed that none of their users' personal data was compromised. Since the company's data wasn't affected, it appears as though the hackers were after the personal information of the users. It appears that only these accounts were accessed.Īndrey Meshkov, co-founder and CTO of AdGuard, confirmed that none of AdGuard's servers were affected, and only some of their users' leaked accounts were accessed. What did AdGuard do?ĪdGuard immediately implemented rate limiting to block brute-force attempts, but this measure didn't stop malicious actors from entering the network with accounts that used usernames and password combinations that were leaked elsewhere. This technique uses known credentials-such as email addresses and passwords that were previously leaked in breaches from other organizations-to brute force onto a system. They discovered that an unknown hacker was attempting to breach their network using a credential stuffing technique. The company detected continuous login attempts from suspicious IP addresses belonging to various servers around the world. AdGuard, a popular ad blocker for Android, iOS, Windows, and macOS fell prey to a brute force attack in September, 2018.
0 Comments
Leave a Reply. |