Close
0%
0%

FIRST VICTIMS OF THE VPN CREDENTIALING SURGE

Preface

tomtonmaxtomtonmax
Following
Liked Like project

Just one more thing

To make the experience fit your profile, pick a username and tell us what interests you.

Pick an awesome username
hackaday.io/
Your profile's URL: hackaday.io/username. Max 25 alphanumeric characters.
Pick a few interests
Projects that share your interests
People that share your interests

We found and based on your interests.

Choose more interests.

OK, I'm done! Skip
Similar projects worth following
0 comments
0 followers
  • Description
  • Details
  • Files 0
  • Components 0
  • Logs 0
  • Instructions 0
  • Discussion 0
View Gallery
We hope that the information shared in this article may be useful to VPN service providers and online services. We have tried to fill it in with as much detail as possible to provide a better picture of this issue. If you have been targeted by the same type of attack and need advice, please do not hesitate to contact us. We'll be happy to share our knowledge.
Introduction

The VPN has been the target of DDoS attacks countless times in the past, but a couple of weeks ago we noticed something different and new to us.

Another botnet, which usually targets our customer management system, has now changed its attack direction to our API. A quick look at this showed that it was a credentialing exercise. Someone was using a collection of previously stolen credentials to try and verify them in our user base.

The VPN is primarily immune to this attack vector, as we generate a unique username for each new user.

Read more on ip-locations org

Enjoy this project?

Share

Discussions

Similar Projects

Online inventory for your IC components
Project Owner Contributor

IC Locker

tilenTilen

While cryptocurrency presents some new challenges for consumer protection, the technology also makes available security and safety features
Project Owner Contributor

BitMania

calvin-sCalvin S.

Home automation through silly AI. Translation, Weather, Radio, Hue, Raspberry, Wikipedia and more!
Project Owner Contributor

Pie

kevin-anderssonKevin Andersson

This is a modified version of the e-mail collector script that is originally present in any install of the metasploit framework.
Project Owner Contributor

Improved E-mail Collector

pierreppierrep

Does this project spark your interest?

Become a member to follow this project and never miss any updates

Going up?

About Us Contact Hackaday.io Give Feedback Terms of Use Privacy Policy Hackaday API

© 2024 Hackaday

Yes, delete it Cancel

Report project as inappropriate

You are about to report the project "FIRST VICTIMS OF THE VPN CREDENTIALING SURGE", please tell us the reason.

Send message

Your application has been submitted.

Remove Member

Are you sure you want to remove yourself as a member for this project?

Project owner will be notified upon removal.