Our Information Security Experts reacted below on why gambling sites were particularly vulnerable or of interest to credential stuffing attacks.
Our Information Security Experts reacted below on why gambling sites were particularly vulnerable or of interest to credential stuffing attacks.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
This is an interesting case as gambling sites are inherently attractive to criminals because they’re typically tied to users’ bank account. Plus, gambling is considered taboo for some which makes them less likely to come forward if victimized, thus creating prime targets.
These factors combine to be an ideal attack vector for an old favorite – “credential stuffing.” It has been around for a long time but has risen in popularity this year stemming from large credential (user id/email & password pairs) lists becoming readily available. These compiled and aggregated lists make it easy for attackers to automate their attacks, attempting multiple account logons per second.