Lastpass hacked
9/3/2023

AppleInsider first spotted the reports in the Hacker News forum, where multiple users write that LastPass informed them about blocked login attempts originating from other parts of the world, mostly Brazil. According to the emails these people have received, LastPass tells them that the correct master passwords were used, but that the attempts were still blocked due to the unusual geographic location.

We reached out to LastPass owner LogMeIn with these reports, and the company states:

"LastPass investigated recent reports of blocked login attempts and determined the activity is related to fairly common bot-related activity, in which a malicious or bad actor attempts to access user accounts (in this case, LastPass) using email addresses and passwords obtained from third-party breaches related to other unaffiliated services. It’s important to note that we do not have any indication that accounts were successfully accessed or that the LastPass service was otherwise compromised by an unauthorized party. We regularly monitor for this type of activity and will continue to take steps designed to ensure that LastPass, its users, and their data remain protected and secure."

That said, there still appears to be a coordinated attempt to log into LastPass accounts. AppleInsider writes that more and more reports are popping up, and even though LastPass hasn't been hacked, there appears to be a larger effort to breach individual LastPass accounts.

Digging deeper into the Hacker News thread, it appears that most of the affected users haven’t actively used LastPass for a longer period of time, and they also haven’t changed their passwords in a while.

A few Hacker News forum members have a few speculative causes in mind. A comment linked to an older Hacker News post detailing a LastPass autofill exploit from 2015, suggesting that's where the master passwords could have come from. Others suspected that the users in question were phished in an elaborate scheme. When researching the IP addresses that attempted to log into the LastPass accounts in question, you’ll wind up on a phishing site that pretends you won some tech product, only to later ask you to input sensitive data. There was also speculation that the passwords could have emerged due to LastPass’ old, discontinued forum that supposedly required users to log in with their LastPass master password. Thanks to exploits like Heartbleed in 2014, it may have been possible to extract passwords here whenever users logged in. However, LastPass says there is no indication that the passwords were uncovered through any of these means.

Given that LastPass hasn’t noticed any suspicious activity on its servers, it’s unlikely that someone actually managed to hack the password manager itself. LastPass and its competitors don’t store master passwords and follow zero-knowledge principles, so it's unlikely, if not impossible, to recover master passwords right from the source. However, it's odd that many affected LastPass users are adamant that they've never re-used their LastPass passwords for other services, and some have even been hit by blocked login attempts with the right password shortly after changing their credentials. It sure looks like there must be some connection between these users, with some malware or keylogging software stealing their master passwords as they're typed.
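The blocking behaviour the LastPass emails describe (correct master password, unusual geographic location) can be sketched as detection logic that also surfaces a coordinated pattern across accounts. This is an added example, not LastPass code: the event format, the first-login enrolment rule, the `min_accounts` threshold and all sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events (not real LastPass logs):
# (account, source country, master password correct?)
SAMPLE_EVENTS = [
    ("alice@example.com", "US", True),
    ("alice@example.com", "US", True),
    ("bob@example.com",   "DE", True),
    ("alice@example.com", "BR", True),   # right password, new country
    ("bob@example.com",   "BR", True),   # right password, new country
    ("carol@example.com", "GB", True),
    ("carol@example.com", "BR", False),  # wrong password: ordinary failure
    ("bob@example.com",   "DE", True),
]

def evaluate(events):
    """Return (decisions, blocked); blocked maps country -> set of accounts."""
    known = defaultdict(set)    # account -> countries of accepted logins
    blocked = defaultdict(set)  # country -> accounts blocked despite a correct password
    decisions = []
    for account, country, password_ok in events:
        if not password_ok:
            decision = "reject"
        elif not known[account] or country in known[account]:
            # Assumption: the first accepted login enrols its country.
            known[account].add(country)
            decision = "allow"
        else:
            # Password check passed, but the location is new for this account.
            blocked[country].add(account)
            decision = "block"
        decisions.append(decision)
    return decisions, blocked

def campaigns(blocked, min_accounts=2):
    """Countries where several distinct accounts were blocked with a correct password."""
    return {c: sorted(a) for c, a in blocked.items() if len(a) >= min_accounts}

if __name__ == "__main__":
    decisions, blocked = evaluate(SAMPLE_EVENTS)
    for event, decision in zip(SAMPLE_EVENTS, decisions):
        print(decision, event)
    print("possible coordinated activity:", campaigns(blocked))
```

A `block` result means the password check itself passed, so the alert concerns an exposed master password rather than a guessed one.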