Featured White Paper: A Guide to Continuous Identity Protection For Your Online Business Learn more
eBook - 4 Tactics Cyberattackers are Starting to Employ in Account Take Over Attacks Learn more
New Cloudflare Integration - Protecting your company is now simpler with Cloudflare. Learn more

Account Takeover Demo 1 - How Attackers Appear Larger To Avoid Detection

Heather Howland
VP of Marketing

Castle has been researching new Account Takeover tactics that cyberattackers are using to successfully exploit users so that it can continue to improve its advanced threat modeling.

One tactic used by hackers to improve the success of account takeover attacks is to use as many IP addresses as possible. This way, they appear to be a large number of individual users trying to login to the site, which reduces suspicion and helps avoid detection.

In this video you see a single attacker using close to 63,000 IP addresses, orginating from almost 5000 Internet Service Providers, in more than 200 countries to spread out their traffic. Ultimately, they targeted more than 30,000 users, completing over a million login attempts, which should have resulted in over 1600 valid credentials that they could have used to successfully login and steal sensitive data had Castle not stopped this attack. Those valid credentials would have enabled and attacker to login and steal sensitive data, transfer money, or do whatever it was they wanted to do.

To learn more about this attack, read our blog: https://blog.castle.io/how-attackers-hide-in-plain-sight-when-perpetrating-account-takeover-attacks/