Hundred thousand Spotify accounts leaked in credential stuffing attack


It was recently revealed that Spotify has suffered its second credential stuffing attack in three months. It is estimated that almost a hundred thousand accounts could face takeover.


What is Credential Stuffing?


Cybercriminals write a script that checks stolen IDs and passwords one by one. These credentials can be taken from another website's database, or bought from databases that are available online for purchase.


The attackers try these credentials until one works, taking advantage of people who use the same password on several websites.
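
On the defending side, this behaviour shows up in login logs as one source trying many different accounts in a short time, with most attempts failing. The sketch below is an added example, not part of the original article; the event format, the thresholds and the sample log lines are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample login events: (timestamp, source IP, username, success)
SAMPLE_EVENTS = [
    ("2024-01-01T10:00:00", "203.0.113.7", "alice", False),
    ("2024-01-01T10:00:05", "203.0.113.7", "bob", False),
    ("2024-01-01T10:00:09", "203.0.113.7", "carol", False),
    ("2024-01-01T10:00:14", "203.0.113.7", "dana", True),
    ("2024-01-01T10:00:20", "203.0.113.7", "erin", False),
    ("2024-01-01T10:00:26", "203.0.113.7", "frank", False),
    ("2024-01-01T10:01:00", "198.51.100.20", "gina", False),  # user mistyped once
    ("2024-01-01T10:01:30", "198.51.100.20", "gina", True),
    ("2024-01-01T10:02:00", "192.0.2.5", "alice", True),
]

def detect_stuffing(events, window=timedelta(minutes=5), min_users=5,
                    max_success_ratio=0.2):
    """Flag source IPs that try many distinct accounts within `window`
    while most attempts fail (thresholds are assumed; tune per site)."""
    by_ip = defaultdict(list)
    for ts, ip, user, ok in events:
        by_ip[ip].append((datetime.fromisoformat(ts), user, ok))
    flagged = {}
    for ip, attempts in by_ip.items():
        attempts.sort()
        hit, compromised, start = None, set(), 0
        for end in range(len(attempts)):
            # Slide the window start forward until it spans <= `window`.
            while attempts[end][0] - attempts[start][0] > window:
                start += 1
            span = attempts[start:end + 1]
            users = {u for _, u, _ in span}
            wins = {u for _, u, ok in span if ok}
            n_ok = sum(ok for _, _, ok in span)
            if len(users) >= min_users and n_ok / len(span) <= max_success_ratio:
                compromised |= wins  # logins that worked during the burst
                if hit is None or len(users) > hit["distinct_users"]:
                    hit = {"distinct_users": len(users), "attempts": len(span)}
        if hit:
            hit["accounts_to_reset"] = sorted(compromised)
            flagged[ip] = hit
    return flagged

if __name__ == "__main__":
    for ip, info in detect_stuffing(SAMPLE_EVENTS).items():
        print(ip, info)
```

The `accounts_to_reset` list holds the logins that succeeded during a flagged burst, which are the accounts to force a password change on. Attempts are often spread across many source addresses, so the same count is worth keeping per network or device fingerprint as well as per IP.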


What happened to Spotify?


In November 2020, over 380 million Spotify user records were exposed on an unprotected Elasticsearch database. The unknown attackers used the same credential stuffing method to create the database. This caused Spotify to prompt all the users to change their passwords. 

However, on February 4th, 2021, Bob Diachenko, a cybersecurity researcher, uncovered a Spotify logger database that was extracted using yet another credential stuffing attack. The owner of the database is still unknown.


In his tweet, the researcher addressed the issue and revealed that:



“I have uncovered a malicious Spotify logger database, with 100K+ account details (leaked elsewhere online) being misused and compromised as part of a credential stuffing attack.”






The exposed database



He included a statement from Spotify r ..
