Back to Brute force attack

Brute force attack

Ad blocker AdGuard hit by brute-force attack.

AdGuard, a popular ad blocker for Android, iOS, Windows, and macOS fell prey to a brute force attack in September, 2018. The company detected continuous login attempts from suspicious IP addresses belonging to various servers around the world. They discovered that an unknown hacker was attempting to breach their network using a credential stuffing technique. This technique uses known credentials—such as email addresses and passwords that were previously leaked in breaches from other organizations—to brute force onto a system.

What did AdGuard do?

AdGuard immediately implemented rate limiting to block brute-force attempts, but this measure didn't stop malicious actors from entering the network with accounts that used usernames and password combinations that were leaked elsewhere. It appears that only these accounts were accessed.

Andrey Meshkov, co-founder and CTO of AdGuard, confirmed that none of AdGuard's servers were affected, and only some of their users' leaked accounts were accessed. Since the company's data wasn't affected, it appears as though the hackers were after the personal information of the users. Fortunately, the company confirmed that none of their users' personal data was compromised.

To ensure safety, AdGuard users were asked to go to Have I Been Pwned to check if their accounts had been compromised in any previous data breach. Users who had not previously had their credentials compromised are unlikely to have been affected by this attack. Following the attack, AdGuard reset passwords of all accounts and implemented robust password policy standards for its users. The firm is also planning on implementing two-factor authentication as an additional security measure.

How can ManageEngine help with situations like this?

ADAudit Plus offers real-time alerts, which help you detect and mitigate brute-force attacks. ADAudit Plus can protect you from these types of threats by:

  • Tracking unauthorized logon attempts to your network.
  • Mitigating threats with automated threat response mechanisms.

ADAudit Plus also helps you monitor the changes in your Active Directory environment to detect internal attacks at the earliest chance. Check out how ADAudit Plus can help you secure and audit your network activities by trying out your free, 30-day trial today.

Share:

Latest DoS and DDoS attacks

Latest Brute force attack

Latest Crypto ransomware

Latest Advanced persistent threat (APT)

Compliance violation

Stay In The Know

Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.

Please enter a business email id
 

By clicking 'I’m interested', you agree to processing of personal data according to the Privacy Policy

+

Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
  •  
  •  
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.

© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.