Lead Image © Galyna Andrushko, 123RF
Credential harvesting at the network interstice
Where the Wild Things Are
Brute forcing the web browser and the conversations it has with Internet-based resources now seems to be the primary hacking method. Although many people still use their Microsoft Outlook clients, the web browser is where most users store their credentials to check email, log on to cloud services, use social media, and generally do what they do every day. This means the browser and its subsequent transactions are the main target of credential harvesters worldwide.
Credential harvesting is the practice of obtaining usernames and passwords illicitly and then either selling them to the highest bidder (often on the dark web) or handing them over to an attacker – a relatively new practice. (See the "Have I Been Harvested?" box.) Traditionally, hackers were interested in compromising systems either smash-and-grab style or as "full-stack" attackers trying to control systems through long-term advanced persistent threat (APT) techniques. These methods are really no longer the most popular. Many attackers simply focus on obtaining credential information, which can include usernames, passwords, and associated metadata, such as email addresses, connection data, and the equipment potential victims use every day.
Have I Been Harvested?
You can discover whether you've been harvested already by going to the Have I Been Pwned website [1] and conducting a simple search. This website is, in many ways, a Google-like service for anyone who is curious about whether their user credentials have been stolen. The site's operator has specialized crawlers, bots, and engines that obtain information about millions of hacked users and then place that information into a searchable database. You can search for websites and, for example, social media platforms that have been hacked recently by credential
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Searching for security flaws and exploits with Burp Suite
You can strengthen your web security by testing for common vulnerabilities. We show how to do this using the attack proxy known as Burp Suite. -
Improved defense through pen testing
Discover indicators of compromise with open source pen testing tools. -
Discovering indicators of compromise
Open source pen testing tools help you view an attack from the perspective of both the attacker and the defender. - New Linux Malware Infects All Running Processes
-
Targeted attacks on companies
Watering hole and spear phishing targeted attacks offer the greatest rewards to cybercriminals. Here's how to protect your company from these types of attacks.