Basecamp Endured a Brute Force Attack

  • 154
  •  
  •  
  • 1
  •  
  •  
  •  
    155
    Shares

Once again, another popular online portal fell victim to a cyber attack. However, this time, the targeted firm Basecamp effectively fought back against a credential stuffing attack affecting around 30,000 accounts. Nonetheless, the company had to reset passwords of affected accounts.

Basecamp Fought Back Against Cyber Attack

The seemingly neverending wave of credential stuffing attacks struck the firm. However, the attack didn’t seem successful. Reportedly, Basecamp endured the cyber attack by determined criminals.

The company’s founder and CTO, David Heinemeier Hansson, first disclosed the attack. He reported about the incident in detail in an official blog post. As revealed, Basecamp’s ops team observed a potential cyber attack on January 30, 2019, 12:45 pm central time. The team noticed a drastic rise in the number of login attempts on the Basecamp’s website.

“More than 30,000 login attempts were made in the hour that followed from a wide array of IP addresses.”

Hansson elaborated that the team took quick actions and employed various strategies to contain the attack.

“Our first line of defense was to block the offending addresses, but ultimately we needed to enable captcha to stop the attack.”

Thus by blocking the attacking IP addresses followed by application of CAPTCHA system, Basecamp team successfully endured the attack.

Hansson further explained that while the attackers did access various accounts, they didn’t perform any other actions.

“It seemed like the attack focused on first validating which accounts were vulnerable, perhaps with a plan to later exploit these vulnerable accounts.”

Basecamp Reset Passwords Of Affected Accounts

Although the firm quickly defended the attack, the attacker still managed to affect around 124 accounts. After containing the attack, Basecamp logged out the affected accounts and reset passwords. Certainly, for a firm having a userbase of roughly 3 million, the 124 targeted accounts looks meager.

Regarding how the attackers could have obtained the credentials, Hansson suspects the database collections of breached credentials, such as the Collection #1.

“All of the unauthorized access was gained using the correct username and password for the account. It’s highly likely that these credentials were obtained from one of the big breaches, like those collected in combos like Collection #1, Anti Public, or Exploit.in.”

He advises users to employ adequate security measures to keep their credentials secure. He recommends employing two-factor authentication and using password managers for ensuring password security. Moreover, he also suggests the users subscribe to a breach alert service such as HaveIBeenPwned to stay updated about the breached credentials.

This report comes right after the news about DailyMotion credential stuffing attack surfaced online. That time too, the attack affected a limited number of accounts.

The following two tabs change content below.
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]
Avatar

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!