NordVPN users’ passwords exposed in mass credential-stuffing attacks

by
Dan Goodin
from Ars Technica - All content on (#4THGJ)
Screen-Shot-2016-05-31-at-2.56.38-PM-640

(credit: ABC Photo Archives / Getty Images)

As many as 2,000 users of NordVPN, the virtual private network service that recently disclosed a server hack that leaked crypto keys, have fallen victim to credential-stuffing attacks that allow unauthorized access to their accounts.

In recent weeks, credentials for NordVPN users have circulated on Pastebin and other online forums. They contain the email addresses, plain-text passwords, and expiration dates associated with NordVPN user accounts.

I received a list of 753 credentials on Thursday and polled a small sample of users. The passwords listed for all but one were still in use. The one user who had changed their password did so after receiving an unrequested password reset email. It would appear someone who gained unauthorized access was trying to take over the account. Several other people said their accounts had been accessed by unauthorized people.

Read 7 remaining paragraphs | Comments

index?i=dRvPWHfLPaE:pGi6s9Spi3o:V_sGLiPB index?i=dRvPWHfLPaE:pGi6s9Spi3o:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments