By Eduard Kovacs on September 02, 2014
Domain registrar and Web hosting company Namecheap is warning customers that cybercriminals have been trying to access their accounts by using credentials obtained from third party websites.
Security firm Hold Security recently reported that Russian hackers managed to obtain 1.2 billion credentials from approximately 420,000 websites. The compromised information can be very useful because many people use the same username and password combinations for multiple online services.
Namecheap believes these 1.2 billion credentials are being utilized by cybercriminals to gain access to their customers' accounts. The company's intrusion detection systems picked up a higher than usual volume of login attempts shortly after the story broke, indicating that the attackers are likely using this data in an effort to breach accounts. It's uncertain if the timing is the only piece of evidence that has led the company to reach this conclusion. Namecheap could not immediately be reached for clarifications.
"The group behind this is using the stored usernames and passwords to simulate a web browser login through fake browser software. This software simulates the actual login process a user would use if they are using Firefox/Safari/Chrome to access their Namecheap account. The hackers are going through their username/password list and trying each and every one to try and get into Namecheap user accounts," Matthew Russell, vice president of hosting at Namecheap, explained in a blog post on Monday.
SecurityWeek/ full article here/ http://www.securityweek.com/namecheap-says-accounts-accessed-credentials-stolen-russian-hackers
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.