A few notable tools include SentryMBA, SNIPR, STORM and MailRanger.
Keyloggers, stealers and other forms of malware can expose user credentials, giving attackers control of victims’ accounts.Īttackers can also download cracked passwords from darknet markets to attempt ATO on the same user accounts on their target site.Īfter the attacker has a long list of credentials, several ATO applications are available for download. Without controls such as multifactor authentication (MFA), lost credentials can lead to compromised accounts. Old-fashioned credential phishing remains an effective way to get a victim’s password.
If one of those passwords is leaked in an unrelated data breach, any other account with the same username (often an email address) and password is at risk. It’s a bad practice, but many people use the same password for multiple accounts.