Video-Sharing Platform Targeted by Credential Stuffing Attacks

Bad actors have targeted a video-sharing technology platform with credential stuffing attacks in order to hijack users’ accounts.

Sponsorships Available

On 25 January, Dailymotion published a statement on its website in which it announced that it had been the subject of “a large-scale computer attack.”

After discovering the digital offensive, Dailymotion’s technical teams implemented various security measures to contain the attack’s scope.

Dailymotion takes a moment in its statement to identify the exact nature of the assault:

The attack consists in “guessing” the passwords of some dailymotion accounts by automatically trying a large number of combinations, or by using passwords that have been previously stolen from web sites unrelated to dailymotion.

Bad actors have numerous data breaches from which to choose for conducting what are generally known as “credential stuffing” or “password reuse” attacks. Take the “Collection #1” data breach, for instance. This security incident exposed approximately 800 million email addresses as well as tens of millions of passwords.

True, the Collection #1 “megabreach” was two or three years old at the time of its discovery, as noted by investigative information security journalist Brian Krebs. But that’s not to say that users who reused their now-compromised credentials across multiple web accounts have updated their passwords. Digital attackers could therefore use those exposed credentials to fuel their credential stuffing attacks, not to mention other types of scam campaigns.

According to Dailymotion’s technical teams, this latest credential stuffing attack is still ongoing. The video-sharing platform is therefore working to definitively end the attack. In the meantime, it’s notified users affected by the campaign and has contacted CNIL (French Data Protection Authority).

Users of Dailymotion and other web services can defend against credential stuffing attacks by using a strong, unique password for each one of their web accounts. They should also enable (Read more...)