Hackers are attempting logins with correct LastPass master passwords

LastPass is one of the best-known password managers. After the free version of the service was discontinued in 2021, many users stopped using it, but it remains a very popular choice for password management. Several similar reports now state that hackers have attempted to log in using correct LastPass master passwords. LastPass says there are no signs of a breach of the company’s servers, attributing the attempts to “third-party breaches related to unaffiliated services”. A coordinated attack also seems unlikely, as LastPass has since acknowledged that it mistakenly sent a number of account alerts to users.

According to Android Police, AppleInsider first noticed these reports on Hacker News, where several users posted that they had recently received LastPass notifications about attempts to sign in to their accounts, most of them from Brazil. According to the emails these users received, LastPass told them that the correct master password had been used, but that the attempt to access the account had been blocked because of its unusual geographical location.

LastPass explained:

LastPass reviewed recent reports of blocked login attempts and found that this activity is related to fairly common bot activity, where the intruder tries to access a person’s LastPass account using email addresses and passwords obtained from third-party sources. Note that we have not seen any indication that hackers have successfully accessed users’ accounts or that our service has been compromised by an unauthorized person. We monitor this on a regular basis and will continue to take steps designed to ensure the security of LastPass and its users.

With this in mind, it seems there is still no coordinated effort to log in to LastPass accounts. AppleInsider notes that more and more such reports are being published. Even though LastPass has not been hacked, rumors of further attempts to attack the software persist.
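The two signals LastPass describes above, a correct password arriving from a country the account has never used and one source address cycling through many accounts, are what a defender looks for when separating credential stuffing from ordinary logins. The following detector is an added example written for this article, not LastPass code; the log format, field names and sample events are constructed.

```python
"""Added example (not from the article or LastPass): flag credential-stuffing-style
sign-ins in an authentication log using the two signals the article describes.
Log format and sample events are constructed for illustration."""
from collections import defaultdict

# Constructed sample log: timestamp, account, source IP, country, password result
SAMPLE_LOG = """\
2021-12-27T10:01:02Z alice@example.com 198.51.100.7 US ok
2021-12-27T10:05:41Z alice@example.com 203.0.113.9 BR ok
2021-12-27T10:05:44Z bob@example.com 203.0.113.9 BR ok
2021-12-27T10:05:47Z carol@example.com 203.0.113.9 BR fail
2021-12-27T10:05:50Z dave@example.com 203.0.113.9 BR ok
2021-12-27T11:15:00Z bob@example.com 192.0.2.44 DE ok
"""

def parse_log(text):
    """Parse one event per line into a dict; 'ok' means the password was correct."""
    events = []
    for line in text.splitlines():
        ts, account, ip, country, result = line.split()
        events.append({"ts": ts, "account": account, "ip": ip,
                       "country": country, "ok": result == "ok"})
    return events

def detect_stuffing(events, known_countries, max_accounts_per_ip=3):
    """Return (account, ip, reason) alerts. known_countries maps an account to the
    set of countries seen in its history before this log window (assumed input)."""
    accounts_by_ip = defaultdict(set)
    for e in events:
        accounts_by_ip[e["ip"]].add(e["account"])   # fan-out counts failed tries too
    alerts = []
    for e in events:
        if not e["ok"]:
            continue  # a wrong password is routine; a correct one from a new place is not
        reasons = []
        if e["country"] not in known_countries.get(e["account"], set()):
            reasons.append("correct password from unusual country " + e["country"])
        if len(accounts_by_ip[e["ip"]]) >= max_accounts_per_ip:
            reasons.append("source tried %d distinct accounts" % len(accounts_by_ip[e["ip"]]))
        if reasons:
            alerts.append((e["account"], e["ip"], "; ".join(reasons)))
    return alerts

# Constructed account history: which countries each account has logged in from before
KNOWN = {"alice@example.com": {"US"}, "bob@example.com": {"DE"}, "dave@example.com": {"BR"}}

if __name__ == "__main__":
    for alert in detect_stuffing(parse_log(SAMPLE_LOG), KNOWN):
        print(alert)
```

Dave’s login from Brazil is still flagged even though Brazil is normal for that account, because the same source address was trying other accounts; the geographic rule alone would have missed it.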


Looking more closely at the issue raised on Hacker News, the hypothesis is that most of the affected users have not actively used LastPass for a long time and have not changed their master password in some time.

Several members of the Hacker News community have speculated about the cause. One pointed to an older forum post detailing a LastPass autocomplete exploit from 2015, suggesting that the master passwords were probably obtained that way. Others reported that affected users had been targeted by an elaborate phishing scheme: visiting the IP addresses that attempted to sign in to LastPass accounts leads to a phishing website claiming you have won a tech product, which then asks you to enter sensitive data to receive it.

There is also speculation that the passwords may have been obtained through outdated LastPass integrations; an integration that apparently required users to log in with their LastPass master password. Because of exploits such as Heartbleed in 2014, such passwords could have been captured by hackers each time the user logged in. However, LastPass said it saw no indication that passwords had been obtained through any of the methods suggested on Hacker News.

Given that LastPass detected no suspicious activity on its servers, it is unlikely that a person or group actually succeeded in extracting users’ master passwords from the service. LastPass and its competitors do not store master passwords; these companies follow a zero-knowledge model, so it is impossible to recover a user’s master password from the server side.
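To show why a zero-knowledge design leaves nothing on the server that could yield a master password, here is an added illustration of the general pattern, not LastPass’s own code: the client derives a vault key from the master password with PBKDF2, sends only a separately derived login verifier, and the server stores a salted hash of that verifier. The iteration count, the derivation layout and the class names are assumptions for the example.

```python
"""Added example (not LastPass's implementation): the general zero-knowledge pattern.
The master password and vault key never leave the client; the server holds only a
salted hash of a login verifier. Iteration count and layout are assumptions."""
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed for illustration; a real deployment tunes this

def derive_vault_key(master_password: str, email: str) -> bytes:
    """Client side: the key that encrypts the vault locally, salted by the account email."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(),
                               email.lower().encode(), ITERATIONS, dklen=32)

def derive_login_verifier(vault_key: bytes, master_password: str) -> bytes:
    """Client side: one more one-way step, so the verifier cannot be turned back
    into the vault key even if the server's copy leaks."""
    return hashlib.pbkdf2_hmac("sha256", vault_key, master_password.encode(), 1, dklen=32)

class Server:
    """Stores only (salt, hash(verifier)) per account; no password, no vault key."""
    def __init__(self):
        self.records = {}

    def register(self, email: str, verifier: bytes) -> None:
        salt = os.urandom(16)
        self.records[email] = (salt, hashlib.pbkdf2_hmac("sha256", verifier, salt, ITERATIONS))

    def check_login(self, email: str, verifier: bytes) -> bool:
        rec = self.records.get(email)
        if rec is None:
            return False
        salt, stored = rec
        candidate = hashlib.pbkdf2_hmac("sha256", verifier, salt, ITERATIONS)
        return hmac.compare_digest(candidate, stored)  # constant-time comparison

def client_login(server: Server, email: str, master_password: str) -> bool:
    key = derive_vault_key(master_password, email)
    return server.check_login(email, derive_login_verifier(key, master_password))

def demo():
    """Register one account, then try the right and a wrong master password."""
    srv = Server()
    email, pw = "user@example.com", "correct horse battery staple"  # constructed
    srv.register(email, derive_login_verifier(derive_vault_key(pw, email), pw))
    return client_login(srv, email, pw), client_login(srv, email, "wrong"), srv.records[email]
```

A leaked server record gives an attacker only a salted, stretched hash of the verifier; recovering the master password from it still means guessing it, which is exactly why the reuse and malware explanations in the article matter more than a server compromise.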

However, many affected LastPass users firmly believe they have never reused their master password for other services, and some even saw blocked login attempts shortly after changing their credentials. Something must connect these users, such as malware or a keylogger that stole the master password as it was typed. BleepingComputer reports that LastPass fixed a security vulnerability in its Chrome extension in 2019, so if an intrusion did occur, another flaw in LastPass software or in a third-party extension could be responsible.


LastPass has stated that the software has not been hacked, but as the company itself says, a master password that has been in use for years may have been exposed in other ways. Given the volume of login attempts LastPass users are currently seeing, they should change their master password, ideally from a different computer, to be safer. They should also enable two-factor authentication on the password manager, as it adds an extra layer of protection to the account. If you no longer use LastPass, it is a good idea to delete your account on the platform as soon as possible so that no unauthorized party can access the passwords you previously stored there.

LastPass Statement

After further investigation, Dan DeMichele, Vice President of Product Management at LastPass, stated that there was no indication that the company’s browser extensions had been compromised. He also noted that the problem may be due to malware or phishing attacks, and that a small number of LastPass login alerts were apparently sent by email in error.

The following is an overview of LastPass’s official statement:

As mentioned earlier, LastPass is aware of recent reports from users who have received email alerts about attempts to sign in to their accounts, and is investigating.

We have promptly reviewed this activity and have seen no indication that LastPass accounts have been compromised by an unauthorized person, nor any indication that LastPass users’ credentials have been harvested by malware, browser add-ons, or phishing campaigns.

However, as a precaution, we will continue to investigate to determine what triggered the automatic security alert emails from our systems.

Our investigation since then has shown that some of these security alerts, sent to a limited subset of LastPass users, were likely triggered in error; as a result, we have adjusted our security alert systems and resolved the issue.

These alerts were issued as part of LastPass’s ongoing efforts to protect the security of our users against hackers. It is also important to reiterate that the LastPass zero-knowledge security model means the user’s master password is never stored in any form; we have no knowledge of it and no access to it.

We will continue to monitor suspicious and malicious activity on a regular basis and, if necessary, take steps designed to ensure that LastPass users and their information remain secure.
