Edit: yeah it’s just a brute force. That’s fuckn embarrassing
“Credential Stuffing is a subset of the brute force attack category. Brute forcing will attempt to try multiple passwords against one or multiple accounts; guessing a password, in other words. Credential Stuffing typically refers to specifically using known (breached) username / password pairs against other websites.”
Just because this method is a subset of the brute force attack doesn’t mean that they don’t have request limiting. They are reusing known breached passwords from other platforms, which makes it basically a guarantee that they will get the right password if they don’t use a password manager. Their computer systems are secure, it’s just their business model that’s a privacy nightmare.
According to the quote they would’ve used breached passwords. You don’t know anything about request limiting. It wasn’t just randomly entering passwords unrestricted, as per your own quote.
So they brute forced the login?
No request limiting?
Wtf
Edit: yeah it’s just a brute force. That’s fuckn embarrassing “Credential Stuffing is a subset of the brute force attack category. Brute forcing will attempt to try multiple passwords against one or multiple accounts; guessing a password, in other words. Credential Stuffing typically refers to specifically using known (breached) username / password pairs against other websites.”
Just because this method is a subset of the brute force attack doesn’t mean that they don’t have request limiting. They are reusing known breached passwords from other platforms, which makes it basically a guarantee that they will get the right password if they don’t use a password manager. Their computer systems are secure, it’s just their business model that’s a privacy nightmare.
According to the quote they would’ve used breached passwords. You don’t know anything about request limiting. It wasn’t just randomly entering passwords unrestricted, as per your own quote.
Limits aren’t a concern if you’re controlling a bunch of zombies. The big guys usually have thousands if not hundreds of thousands of 'em.