Okta Warns of Credential Stuffing Attacks Using Proxy Services

Okta has issued a warning about the increasing prevalence of credential-stuffing attacks.

These attacks, which leverage stolen user credentials to gain unauthorized access to accounts, are facilitated by the widespread use of residential proxy services.

This alarming trend underscores the evolving challenges in cybersecurity and highlights the need for robust defensive measures.

The Rise of Credential Stuffing Attacks

From mid-March to late April 2024, cybersecurity teams at Duo Security, Cisco Talos, and Okta’s own Identity Threat Research team have observed a significant uptick in brute force and credential stuffing attacks.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

These attacks are becoming more frequent and sophisticated, utilizing advanced tools and the anonymity provided by proxy services like TOR, NSOCKS, Luminati, and DataImpulse.

Credential stuffing attacks involve using large databases of usernames and passwords—acquired through previous data breaches, phishing, or ...