AdGuard, a popular ad blocker for Android, iOS, Windows, and macOS fell prey to a brute force attack in September, 2018. The company detected continuous login attempts from suspicious IP addresses belonging to various servers around the world. They discovered that an unknown hacker was attempting to breach their network using a credential stuffing technique. This technique uses known credentials—such as email addresses and passwords that were previously leaked in breaches from other organizations—to brute force onto a system.
AdGuard immediately implemented rate limiting to block brute-force attempts, but this measure didn't stop malicious actors from entering the network with accounts that used usernames and password combinations that were leaked elsewhere. It appears that only these accounts were accessed.
Andrey Meshkov, co-founder and CTO of AdGuard, confirmed that none of AdGuard's servers were affected, and only some of their users' leaked accounts were accessed. Since the company's data wasn't affected, it appears as though the hackers were after the personal information of the users. Fortunately, the company confirmed that none of their users' personal data was compromised.
To ensure safety, AdGuard users were asked to go to Have I Been Pwned to check if their accounts had been compromised in any previous data breach. Users who had not previously had their credentials compromised are unlikely to have been affected by this attack. Following the attack, AdGuard reset passwords of all accounts and implemented robust password policy standards for its users. The firm is also planning on implementing two-factor authentication as an additional security measure.
ADAudit Plus offers real-time alerts, which help you detect and mitigate brute-force attacks. ADAudit Plus can protect you from these types of threats by:
ADAudit Plus also helps you monitor the changes in your Active Directory environment to detect internal attacks at the earliest chance. Check out how ADAudit Plus can help you secure and audit your network activities by trying out your free, 30-day trial today.
Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.
© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.