Ad blocker AdGuard hit by brute-force attack.

AdGuard, a popular ad blocker for Android, iOS, Windows, and macOS fell prey to a brute force attack in September, 2018. The company detected continuous login attempts from suspicious IP addresses belonging to various servers around the world. They discovered that an unknown hacker was attempting to breach their network using a credential stuffing technique. This technique uses known credentials—such as email addresses and passwords that were previously leaked in breaches from other organizations—to brute force onto a system.

What did AdGuard do?

AdGuard immediately implemented rate limiting to block brute-force attempts, but this measure didn't stop malicious actors from entering the network with accounts that used usernames and password combinations that were leaked elsewhere. It appears that only these accounts were accessed.

Andrey Meshkov, co-founder and CTO of AdGuard, confirmed that none of AdGuard's servers were affected, and only some of their users' leaked accounts were accessed. Since the company's data wasn't affected, it appears as though the hackers were after the personal information of the users. Fortunately, the company confirmed that none of their users' personal data was compromised.

To ensure safety, AdGuard users were asked to go to Have I Been Pwned to check if their accounts had been compromised in any previous data breach. Users who had not previously had their credentials compromised are unlikely to have been affected by this attack. Following the attack, AdGuard reset passwords of all accounts and implemented robust password policy standards for its users. The firm is also planning on implementing two-factor authentication as an additional security measure.