Hackers attack Namecheap accounts – are you still reusing passwords?

Popular domain registrar and web-hosting provider Namecheap has announced that hackers launched a determined attack against its systems over the weekend, attempting to break into users’ accounts.

According to the Los Angeles-based company, its intrusion detection systems alerted engineers to a “much higher than normal load” against its login systems, as multiple attempts were made to access Namecheap.com accounts using usernames and passwords stolen from other sites.

Namecheap suspects, although it’s hard to understand quite how they came to the conclusion, that the list of credentials used by the attackers originates from the so-called Russian “CyberVor” hacking gang, recently alleged to have collected some 1.2 billion stolen usernames and passwords.

The good news, according to Namecheap, is that most of the attempts to access accounts without authorisation failed. But some accounts were, unfortunately, broken into.

Matt Russell, vice president of hosting at Namecheap, offered further information:

The group behind this is using the stored usernames and passwords to simulate a web browser login through fake browser software. This software simulates the actual login process a user would use if they are using Firefox/Safari/Chrome to access their Namecheap account. The hackers are going through their username/password list and trying each and every one to try and get into Namecheap user accounts.

The vast majority of these login attempts have been unsuccessful as the data is incorrect or old and passwords have been changed. As a precaution, we are aggressively blocking the IP addresses that appear to be logging in with the stolen password data. We are also logging these IP addresses and will be exporting blocking rules across our network to completely eliminate access to any Namecheap system or service, as well as making this data available to law enforcement.

While the vast majority of these logins are unsuccessful, some have been successful. To combat this, we’ve temporarily secured the Namecheap accounts that have been affected and are currently contacting customers involved requesting they improve the security for these accounts.

Namecheap says that it has temporarily reset the passwords of accounts which it believes were compromised, and is encouraging all users to change passwords and enable two-factor authentication for a higher level of security in future.
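
The pattern described above, one source working through a list of many different usernames with mostly failed logins, can be picked out of authentication logs. The following is an added example, not Namecheap's code: the event format, thresholds and sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample login events: (source_ip, username, login_succeeded)
SAMPLE_EVENTS = (
    # One source walking a credential list: six accounts, a single hit
    [("203.0.113.7", f"user{i}", i == 4) for i in range(1, 7)]
    # An ordinary user who mistypes a password once, then gets in
    + [("198.51.100.20", "dave", False), ("198.51.100.20", "dave", True)]
    # A shared office address: many accounts, but every login succeeds
    + [("192.0.2.55", f"staff{i}", True) for i in range(1, 6)]
)


def detect_stuffing(events, min_accounts=5, max_success_ratio=0.2):
    """Return (ips_to_block, accounts_to_secure).

    An IP is flagged when it tries many distinct usernames AND almost all
    attempts fail. Any account it did log in to is listed for a forced
    password reset, since that password is on the attacker's list.
    Thresholds are illustrative assumptions, not tuned values.
    """
    per_ip = defaultdict(lambda: {"users": set(), "hits": set(), "attempts": 0})
    for ip, user, succeeded in events:
        stats = per_ip[ip]
        stats["users"].add(user)
        stats["attempts"] += 1
        if succeeded:
            stats["hits"].add(user)

    ips_to_block, accounts_to_secure = set(), set()
    for ip, stats in per_ip.items():
        # Count successful attempts from the raw events for this IP
        successes = sum(1 for e in events if e[0] == ip and e[2])
        ratio = successes / stats["attempts"]
        if len(stats["users"]) >= min_accounts and ratio <= max_success_ratio:
            ips_to_block.add(ip)
            accounts_to_secure |= stats["hits"]
    return ips_to_block, accounts_to_secure


if __name__ == "__main__":
    blocked, secure = detect_stuffing(SAMPLE_EVENTS)
    print("block:", sorted(blocked))
    print("reset:", sorted(secure))
```

Requiring both conditions keeps the shared office address and the user with a single typo out of the block list.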

The problem, of course, is that far too many people use the same passwords for different accounts.

It’s not enough just to dream up a hard-to-crack password. You also have to make sure that you aren’t using it anywhere else on the net.

Every password you use online should be unique, impossible to guess and hard to crack. If that sounds like a tough challenge to you, then chances are that you haven’t heard about password managers like Bitdefender wallet that do all the hard work of remembering your passwords (so you don’t have to), and lock them away from anyone who doesn’t know your master password (the only one you need remember).

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.
