Spotify users are aiming for yet another credential stuffing attack. Just three months ago there was one. The company forced password resets for affected users. Cybercriminals who use these credentials take advantage of people who reuse the same passwords across multiple online accounts. Attackers simply create automated scripts that systematically attempt stolen IDs and passwords (collected from a breach by another company or website, or purchased online) against various types of accounts.
Cybercriminals have already taken advantage of this approach to steal customer data from several companies like North Face, Dunkin Donuts, Nando’s food chain. Last year, FC Barcelona’s official Twitter account was hacked into an apparent attack of this type.
In the previous attack in November, cybercriminals attacked hundreds of thousands of Spotify users, causing the service to issue password reset notices. Researcher Bob Diachenko tweeted about the new Spotify attack on Thursday: “I discovered a malicious #Spotify logger database, with over 100,000 account details (leaked elsewhere online) being misused and compromised as part of a credential filling attack. ”
He also posted a statement from Spotify about the incident that confirmed the attack.
“We recently protected some of our users from a credential stuffing attack,” read the warning. “As soon as we became aware of the situation, we issued password resets to all affected users, which made public credentials invalid.”
The company also noted that the attacks were carried out using a data set obtained illegally: “We work to have the fraudulent database removed by the ISP hosting it”.
With international agencies
See the original post at: https://www.cisoadvisor.com.br/spotify-sofre-o-segundo-ataque-de-credential-stuffing-em-90-dias/?rand=59039
