Credential stuffing
Definition
An automated attack that replays username-password pairs from previous data breaches against new target services, exploiting the widespread reuse of passwords across accounts. A primary identity theft vector that does not require any vulnerability in the target system.
Related terms
- Anti-forensic technique
- Any action taken by an attacker to destroy, conceal, or alter evidence of their activity. Common examples include log clearing, timestomping, use...
- Command and control (C2)
- The channel through which an attacker sends instructions to malware on a compromised host and receives data back. C2 channels range from...
- Double extortion
- A ransomware tactic in which the attacker exfiltrates data before encrypting it, then demands payment both for the decryption key and for...
- FAFT Virtual Asset guidance
- Guidance from the Financial Action Task Force requiring member states to regulate virtual asset service providers (cryptocurrency exchanges) as financial institutions, applying...
- Image-based sexual abuse (IBSA)
- The non-consensual creation, capture, or distribution of intimate sexual images. The term encompasses non-consensual intimate image sharing (formerly called revenge porn), upskirt...
- Lateral movement
- Attacker activity after initial compromise in which the threat actor traverses from one internal system to another, typically to escalate privileges, access...
- Living-off-the-land (LotL)
- An attack approach where the adversary uses tools and binaries already present on the target system, such as PowerShell, WMI, certutil, or...
- Privilege escalation
- A post-access technique in which an attacker who has gained low-level access to a system exploits a vulnerability or misconfiguration to obtain...
- Synthetic identity fraud
- The creation of a fictitious identity by combining real and fabricated personal data elements, such as a genuine national ID number paired...
- Unauthorised access
- The act of accessing a computer, network, or data store without permission from the owner or without lawful authority. The core element...
Explained in these topics
- Hacking and Unauthorised Access OffencesAn automated attack that uses lists of username and password pairs obtained from prior data breaches to attempt login on other services, exploiting password re...
- Ransomware, Identity Theft and Online ExploitationAn automated attack that replays username-password pairs from previous data breaches against new target services, exploiting the widespread reuse of passwords...