LastPass Attacked Again Via Developer’s PC
LastPass does not come to rest: The provider of password management software has now announced that the already-known problems of the past year have been followed by more. Among other things, attackers penetrated an employee’s private computer.
The attacker appears to be the same person or group responsible for the previous incidents. Everything indicates that it was a well-planned attack that gradually stole more and more of the company’s data. These could then be combined together for maximum effect.
As the company has now announced, the attacker from the first attack, which took place in the summer of 2022, used the information obtained to start a well-coordinated second stage. Between August 12 and October 26, there were several other attacks on the software manufacturer’s infrastructure.
Weak point home office
The biggest problem was the fact that the attacker managed to gain access to the private PC of a high-ranking DevOps developer. A vulnerability in media software was exploited for this purpose. As a result, keylogger malware tracked the user’s access to LastPass’ cloud resources. Among other things, the master password of the developer and his token of the two-way authentication could be tapped.
In this way, the unauthorized person or persons gained access to sensitive information and backups stored in the cloud storage, operated by Amazon. Due to the atypical behavior, however, the alarm systems went off there, which made it possible to track down the unauthorized access. According to the information, various measures have been taken to eliminate the problems. However, the stolen data should still not be suitable for giving the attackers access to the users’ password safes.
It has been a long time since I joined Research Snipers. Though I have been working as a part-time tech-news writer, it feels good to be part of the team. Besides that, I am building a finance-based blog, working as a freelance content writer/blogger, and a video editor.
1 thought on “LastPass Attacked Again Via Developer’s PC”