|
|
|
|
|
|
by nibbleshifter
1253 days ago
|
|
|
> Plus, this might incentivize hackers to defeat the system by logging into and using email accounts pwned in these breaches. This already happens at a large scale anyway. There's hundreds, if not thousands of "account shops" and sellers online selling hacked accounts for all sorts of services. Everything from Spotify to Twitter to news sites. They ingest new breaches (or use automated tools to go hack sites and dump databases), and automatically test the leaked credentials against loads of shit using tools like OpenBullet or SentryMBA. Those tools even integrate rotating proxies, captcha solvers, etc. There's a few good talks on this, credential spraying and account shops. |
|
|