Akamai Reports a Brute-Force ATO Attack on Two of Their Customers
Akamai’s security defenses picked up a one-week brute force attack from February 10-17, 2016. 93% of the attacker’s attempts was targeting two specific companies and three domains in the financial and media\entertainment sectors. Akamai is a big content distribution network and cloud service provider. Their clients include many big name companies, including Adobe, Audi, BuzzFeed.
Here are some statistics of the brute force attack:
During the attack, many domains were compromised, but 93% of the hacker’s efforts were aimed at the financial and the entertainment clients. In the seven-day timeframe, 993,547 different IPS were used to check 427,444,261 accounts. 778,786 of the IPs were used to attack both customers. The strongest breaches occurred on the first and last days of the attack.
Home Router Exploits Aided the Attack
A big amount of the breach was carried out by proxy servers, but Akamai reports that compromised home routers were also used. Akamai note that a cluster of IPs was based in Mexico with many Arris cable modems. Arris cable modems have up to three exploitable backdoors that were publicly known since 2009.
Some Facts about Brute-Force Attacks
What Is a Brute-Force Attack?
Brute-force is a method of hacking in which the attacker tries every possible access code and password. A good analogy would be to punch every single number combination (from 000 to 999) on a three digit padlock. The process, of course, is much more complicated and includes a larger amount of combinations. Most brute-force attacks try to guess the right password, usually by starting with the most commonly used ones and simple words from the dictionary. Brute-forcing is very dangerous because it can work even when the hackers can’t find breach a security system through exploits.
Learn More about Brute Force Attacks
What about ATO (account takeover?)
ATO attacks aim to take direct control over a user accounts. ATO hacking is usually achieved through using pre-existing passwoord information from the Internet or password dumpsites. The end-goal of taking over an account is usually to steal personal information and drain any attached bank accounts.
Tips for avoiding brute-force hacking:
- As always, the easiest thing you can do to improve your account security is improving your password etiquette. Make them longer, include some numbers and symbols, avoid simple words and names, and for God’s sake, don’t use “123456” or “password”, it’s the first thing a brute-force attack would try out.
- Check your accounts often, especially the ones in online stores or sites with transactions.
- Change your passwords frequently.
- Don’t reuse the same password in different accounts. If the password for one account is known, the other ones are much easier to hack. Considering how often account information is being leaked, connecting two different accounts to the same person isn’t as hard as one would guess.
You can also check out our password guide.