FBI warns of Residential Proxies Used in Credential Stuffing Attacks

Share post:

The U.S. Federal Bureau of Investigation (FBI) has warned of residential proxies used by attackers for large-scale credential stuffing attacks.

Credential Stuffing is a type of attack in which threat actors use large collections of username/password combinations uncovered in previous data breaches to gain access to other online platforms.

The FBI warns that threat actors use residential proxies to hide their actual IP address behind those commonly associated with home users, which is unlikely to be present in blocklists.

“Malicious actors utilizing valid user credentials have the potential to access numerous accounts and services across multiple industries – to include media companies, retail, healthcare, restaurant groups, and food delivery – to fraudulently obtain goods, services, and access other online resources such as financial accounts at the expense of legitimate account holders,” the FBI said.

Steps administrators can take to protect their users from losing accounts to credential stuffing attacks include offering multi-factor authentication, downloading widely available leaked credentials, and fingerprint checks.

Others include identifying and monitoring default user-agent strings, searching and discovering what configurations proxy tools used for their websites, and introducing “shadow-banning” to limit what suspicious users/accounts on the platform can do without blocking them.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

London hospitals cancel over 800 operations after ransomware attack

NHS England disclosed today that a recent ransomware attack on Synnovis has led to the cancellation of hundreds...

Microsoft cancels universal Recall release in favor of Windows Insider preview

Microsoft has decided to cancel the wide release of Recall, the controversial tool for Copilot+ PCs, and instead...

Cyber Security Today, Week in Review for week ending Friday, June 14, 2024

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, June 14th,...

Cyber Security Today, June 14, 2024 – Employee downloaded a file that led to hospital chain’s ransomware attack

An employee downloaded a file that led to hospital chain's ransomware attack Welcome to Cyber Security Today. It's Friday...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways