Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
AdGuard Security Notice ( We have detected an attack towards AdGuard servers.)
#1
https://adguard.com/en/blog/adguard-security-notice/           AdGuard Security Notice
20 SEPTEMBER 2018 on AdGuard News
We have detected an attack towards AdGuard servers. Attackers used one of the databases of leaked accounts that are available online and checked whether the email/password data fit to access AdGuard account. We believe that attackers were able to access some of the accounts.

What happened?
Today we detected continuous attempts to login to AdGuard accounts from suspicious IP addresses which belong to various servers across the globe.
These attempts were stopped by a rate limiter which is an obvious measure against bruteforcing users' passwords.
However, rate limiting is not enough when attacker already knows what password to use. Unfortunately, this seems to be the case. The pairs of email/password used by intruders belong to known databases of leaked accounts.
Where do these leaked databases come from? There were numerous data breaches where data is inadvertently exposed in a vulnerable system, usually due to insufficient access controls or security weaknesses in the software. Some notable examples are breaches of Yahoo, Adobe, VK and many more.

What we did to protect you
As a precautionary measure, we have reset passwords to all AdGuard accounts.
We have now set stricter requirements for AdGuard account passwords.
We have connected to HaveIBeenPwned API — a website that collects data about all known compromised passwords. If the password that you are entering is found in the database of leaked ones, you will see a warning.
Is your account compromised?
We don't know what accounts exactly were accessed by the attackers. All passwords stored in AdGuard database are encrypted so we cannot check whether any of them is present in the known leaked database. That's why we decided to reset passwords of all users.

Just in case, you can check out haveibeenpwned.com and see for yourself if your data was leaked in any of the known data breaches.

Note that your license keys are safe as long as they are binded to devices that you use them on, and nothing bad can happen to these keys. You can continue to manage them via your personal account.

Got it, what shall I do?
You need to set a new password. As we said, we have reset passwords of all users, therefore, to regain access to your account, you need to click on this link and follow the instructions to create a new password.

We apologize for the inconvenience, but you know that we care about our users and their data privacy and had to promptly take action. Thank you for understanding!

Future measures
After this accident we strongly considered introducing the two-factor authentication. We physically can't implement it in one day, but this will be our next step and we will let you know about it as soon as its done.
Andrey Meshkov
Co-founder and CTO of AdGuard.
Reply
#2
Thanks for this info mrtrout.
Reply
#3
Thanks for this info mrtrout.
Reply
#4
Thanks for this News.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  AdGuard names 6,000+ web trackers that use CNAME chicanery: Feel free to feed them in Bjyda 0 2,603 03-05-2021 , 12:09 AM
Last Post: Bjyda
  119k Threats Per Minute Detected in 2020 Bjyda 0 724 02-24-2021 , 11:45 PM
Last Post: Bjyda
  Newly detected malware targets Kubernetes clusters for cryptocurrency mining Bjyda 0 912 02-04-2021 , 11:44 PM
Last Post: Bjyda
  Hezbollah hackers attack unpatched Atlassian servers at telcos, ISPs Bjyda 0 806 01-28-2021 , 10:24 PM
Last Post: Bjyda
  Scanning Activity Detected After Release of Exploit for Critical SAP SolMan Flaw Bjyda 0 881 01-24-2021 , 01:55 PM
Last Post: Bjyda

Forum Jump:


Users browsing this thread: 1 Guest(s)