Credential Stuffing | Avast

Credential Stuffing | Avast
Byron Acohido, 16 September 2020

Automated cyberattacks are torching trust in several local systems that we depend on



What do wildfires and credential stuffing have in common?
For several years now, both have flared up and caused harm at the fringes of population centers and our digital economy. And, now, in 2020, both have escalated to catastrophic proportions.
Just after Labor Day, dried out trees and shrubs combined with high winds to erupt into massive wildfires that swiftly engulfed rural towns and even suburban areas of California, Oregon, Washington and several other states. Millions of acres of land got consumed, hundreds of thousands of people were evacuated and dozens lost their lives.
Meanwhile, all year long and continuing through the fall, opportunistic cybercriminals have launched wave after wave of automated credential stuffing campaigns. These bad actors are wreaking havoc in two arenas: Stealing Covid-19 relief payments on a massive scale as well as meddling, once again, in the election of a U.S. president.
The wildfires eventually subsided with calmer, damper meteorological conditions. However, massive surges of credential stuffing have persisted, fueled by a seemingly endless supply of already stolen, or easy-to-steal, personal information along with the wide availability of sophisticated hacking tools.
It behooves us all to pay much closer attention to credential stuffing. After all, neither Covid-19 nor the results of the November presidential elections are expected to be completely resolved for months more to come. Here are a few vital things all consumers, company executives and political leaders should understand about coming waves of credential stuffing.
The scaling ..