On Tuesday, popular password manager app LastPass said that a threat actor executed credential stuffing against some of its users to obtain access to their cloud-hosted password vaults.
Several users reported that they received a mail from the password manager stating someone used your master password to login into your account from an unrecognized location.
Soon the report of compromised LastPass master passwords started circulating on various social media platforms including Twitter, Hacker News, and Reddit.
LastPass Confirms it’s Credential Stuffing Attack
The password manager company is investigating reports of a possible attack on its servers and taking measures to secure the data of its users. The company further said that it believes that the recent activity is associated with credential stuffing activity where the threat actors try to obtain access to user accounts with the help of email addresses and passwords fetched from third-party breaches or unaffiliated services, reports LastPass in its blog post.
Though, LastPass didn’t share any information about threat actors behind these credential stuffing attempts. However, Bob Diachenko, a security researcher identified thousands of LastPass credentials while going through Redline Stealer malware logs.
Furthermore, BleepingComputer reports having been contacted by LastPass clients who received login alerts that their emails were not found in the combo list harvested by RedLine Stealer found by Diachenko.
This signifies that the threat actors used some other means to steal the master password of the users.
In the meantime, LastPass users are advised to enable the multifactor authentication option to access LastPass to safeguard their accounts against keyloggers and other threats.
By enabling multi-factor authentication, the threat actors can’t access your account even if the master password gets compromised.
Sign up for our newsletter to get the latest security news from various tech industries and cyber security firms.
