Credential stuffing attacks became so prevalent in the first quarter of 2022 that, in some countries, their traffic surpassed legitimate login attempts from normal users.
This type of attack takes advantage of “password recycling,” which is the bad practice of using the same credential pairs (login name and password) across multiple sites.
Once the credentials are leaked or brute-forced from one site, threat actors perform a credential stuffing attack: they try the same leaked credentials at other sites to gain access to users' accounts.
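From the defender's side, reused leaked pairs leave a recognizable shape in login logs: one source touching many accounts, about one attempt each, almost all failing. The sketch below is an added example, not part of the original article; the event layout, IP addresses, and thresholds are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def build_sample():
    """Constructed events: (timestamp, source IP, username, login succeeded)."""
    t0 = datetime(2022, 3, 1, 12, 0, 0)
    events = []
    for i in range(30):  # many accounts, one try each: reused leaked pairs
        events.append((t0 + timedelta(seconds=i), "203.0.113.7", f"user{i}", i == 17))
    for i in range(30):  # one account, many tries: password guessing
        events.append((t0 + timedelta(seconds=i), "198.51.100.9", "admin", False))
    events.append((t0, "192.0.2.5", "alice", False))  # user mistypes once
    events.append((t0 + timedelta(seconds=20), "192.0.2.5", "alice", True))
    return events

def classify_sources(events, window=timedelta(minutes=5), min_attempts=10,
                     min_fail_ratio=0.8, max_tries_per_user=3):
    """Label each source IP at the first sliding window that crosses the thresholds."""
    by_src = defaultdict(list)
    for ts, src, user, ok in events:
        by_src[src].append((ts, user, ok))
    labels = {}
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e[0])
        left = 0
        for right in range(len(evs)):
            while evs[right][0] - evs[left][0] > window:
                left += 1  # drop attempts older than the window
            chunk = evs[left:right + 1]
            fail_ratio = sum(not ok for _, _, ok in chunk) / len(chunk)
            if len(chunk) < min_attempts or fail_ratio < min_fail_ratio:
                continue
            users = {user for _, user, _ in chunk}
            # Stuffing spreads attempts over many accounts; guessing piles them on few.
            if len(chunk) / len(users) <= max_tries_per_user:
                labels[src] = "credential_stuffing"
            else:
                labels[src] = "password_guessing"
            break
    return labels

if __name__ == "__main__":
    for src, label in classify_sources(build_sample()).items():
        print(src, label)
```

Per-source counting is only one signal, since attempts can arrive from many addresses; the thresholds here are illustrative and need tuning against real traffic.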
As the FBI warned recently, these attacks are growing in volume thanks to the readily available aggregated lists of leaked credentials and the automated tools made available to cybercriminals, enabling them to test pairs against many sites.
Okta reports that the situation has worsened in 2022, as the identity and access management firm has recorded over 10 billion credential stuffing events on its platform in the first 90 days of 2022.