As Internet technology continues to build security, hackers have never stopped inventing ways to break the security. Namecheap, an established domain name registrar and web hosting company issued a warning over the attempt to attack it’s servers. It announced via its blog that some Russian hackers made an attempt to intrude into their databases using credentials they had collected from other computers. This was discovered by Namecheap’s employees who were on the night shift when they found out that there was unusual load against the login system.
Namecheap employees realized there was a problem, most likely hacking attempt, when they received an alert concerning the unusual number of login attempts to their systems. They therefore had to launch emergence investigation to find out what was happening. “Upon investigation, we determined that the username and password data gathered from third party sites, likely the data identified by The Register (i.e. not Namecheap) is being used to try and gain access to Namecheap.com accounts.” Matthew Russell wrote on Namecheap’s Vice President on Hosting said.
It also announced that the Russian group is using stored usernames and passwords to create a web browser login by use of fake browser software. The software reproduces real login process a user usually uses when logging into his/her Namecheap account via Firefox or Safari or Chrome.
It’s reported that most of the trials made to break into their systems were unsuccessful due to changes on the users’ credentials, and Namecheap is blocking IP addresses suspected to be logging in with stolen login information. “The vast majority of these login attempts have been unsuccessful as the data is incorrect or old and passwords have been changed. As a precaution, we are aggressively blocking the IP addresses that appear to be logging in with the stolen password data.” Russell said.
The publication also indicated that apart from the owners of poorly protected computers, the internet users who apply the same passwords for their Namecheap account on other sites are also vulnerable to this attack. Namecheap, however, encouraged people that they are the ones (users themselves) who can make their accounts more secure on the internet by avoiding the factors that weaken security mentioned above.