New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Passwords Stolen from Website Users

Credentials from 8.3 million user accounts were stolen from the website after attackers exfiltrated the site’s database, which was then offered for sale on underground forums and on Telegram channels. According to The Record, the database contents include plaintext passwords, emails, and IP addresses for 8.3 million accounts. It had been sold since January 2021 for around $2000 USD in cryptocurrency but is now publicly accessible after landing in the hands of researchers. Have I Been Pwned has also received a copy of the database to assist users in determining if their credentials were stolen and now exposed.

Analyst Notes

One of the many risks users face when news of a breach comes out is dealing with reused passwords. With sites like DailyQuiz being relatively innocuous for many users, they may not realize the risk of reusing credentials that can be pivoted off to other accounts, an attack called credential stuffing. If the site itself is compromised, there is not much a user can do. Still, there are ways to protect oneself from Credential Stuffing attacks using Multi-Factor Authentication (MFA) and unique passwords on other sites. Even if passwords are reused on other sites, MFA can help prevent account takeover on those sites that allow it, but a password manager that creates strong and random passwords paired with MFA where possible can be an easy to use and highly effective combination for protecting access. While these won’t stop breaches, taking simple steps like this can make protecting yourself that much easier.