Why Was DraftKing Targeted? Expert Weighs In

By   ISBuzz Team
Writer , Information Security Buzz | Nov 23, 2022 07:04 am PST

Our Information Security Experts reacted below on why gambling sites were particularly vulnerable or of interest to credential stuffing attacks.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Timothy Morris
Timothy Morris , Technology Strategist
November 23, 2022 3:05 pm

This is an interesting case as gambling sites are inherently attractive to criminals because they’re typically tied to users’ bank account. Plus, gambling is considered taboo for some which makes them less likely to come forward if victimized, thus creating prime targets.

These factors combine to be an ideal attack vector for an old favorite – “credential stuffing.” It has been around for a long time but has risen in popularity this year stemming from large credential (user id/email & password pairs) lists becoming readily available. These compiled and aggregated lists make it easy for attackers to automate their attacks, attempting multiple account logons per second.

Last edited 1 year ago by timothy.morris

Recent Posts

1
0
Would love your thoughts, please comment.x
()
x