Who and What is Behind the Malware Proxy Service SocksEscort?
- Thread starter Condobloke
- Start date
Sometime within the past year, probably less, you've linked to a couple of articles about these proxy-for-hire services being shut down. As predicted, it didn't take long for malicious parties to find replacement services.
I did learn that they've given it a name, calling it, "password-spraying attacks". That's basically when you take a bunch of usernames and then use them in combination with a bunch of default/common passwords. It's not a new technique, not even by a long shot, but it appears to now have a fancy name.
Back in the day, we'd set up a bunch of proxies (in software) and add a list of common usernames and common passwords. We'd then try to get a password match. It's a bit different from 'brute force', which is when you systemically progress through password options (think "aaaaaaa1" then "aaaaaa2" and then "aaaaaa3") - preferably with a known username.
As near as I can tell, it's just a fancy new name for something that has been done for years.
None of this is particularly new. As routers have unfettered access to the internet and are seldom updated (or even getting support from the vendors anymore), it makes perfectly good sense to target them.
I did learn that they've given it a name, calling it, "password-spraying attacks". That's basically when you take a bunch of usernames and then use them in combination with a bunch of default/common passwords. It's not a new technique, not even by a long shot, but it appears to now have a fancy name.
Back in the day, we'd set up a bunch of proxies (in software) and add a list of common usernames and common passwords. We'd then try to get a password match. It's a bit different from 'brute force', which is when you systemically progress through password options (think "aaaaaaa1" then "aaaaaa2" and then "aaaaaa3") - preferably with a known username.
As near as I can tell, it's just a fancy new name for something that has been done for years.
None of this is particularly new. As routers have unfettered access to the internet and are seldom updated (or even getting support from the vendors anymore), it makes perfectly good sense to target them.
OP
Condobloke
Well-Known Member
What is Password Spraying? | Keeper
Password spraying is when an attacker uses common passwords to attempt to access several accounts, Learn how to protect yourself and your business.
www.keepersecurity.com
