Security News > 2022 > August > FBI warns of residential proxies used in credential stuffing attacks
The Federal Bureau of Investigation warns of a rising trend of cybercriminals using residential proxies to conduct large-scale credential stuffing attacks without being tracked, flagged, or blocked.
Because credential stuffing attacks carry specific characteristics that differentiate them from regular login attempts, websites can easily detect and stop them.
To override basic protections, the FBI warns that threat actors are using residential proxies to hide their actual IP address behind ones commonly associated with home users, which are unlikely to be present in blocklists.
Using these tools, cybercriminals automate credential stuffing attacks, with bots attempting to log in across numerous sites using previously stolen login credentials.
The FBI says credential stuffing attacks are not limited to websites and have been seen targeting mobile applications due to their poor security.
In a joint operation involving the FBI and the Australian Federal Police, the agencies investigated two websites that contained over 300,000 unique sets of credentials obtained through credential stuffing attacks.