What is “OpenBullet” and how do cybercriminals abuse it to steal millions of accounts daily?

Max Moody
Published in HackerHub
4 min read · Apr 13, 2022

What is OpenBullet?

OpenBullet is a web automation suite created to automate tasks through HTTP web requests. It has been primarily used to make tasks such as penetration testing and data scraping much easier to perform. The software is open source and can be found on GitHub very easily. Although it was created to aid security professionals, it has since been abused by cybercriminals, who use it to perform malicious tasks such as credential stuffing.

Screenshot of the Openbullet2 Stacker

What is Credential Stuffing?

Credential stuffing is the act of taking stolen credentials, usually acquired from databases stolen by exploiting vulnerabilities with attacks such as SQL injection, and then attempting to log in to accounts on other services using the stolen email:password combinations. The term “credential stuffing” is used because these malicious individuals are literally “stuffing” the stolen credentials into the login pages of various websites and services in order to gain unauthorized access to accounts.

Credential Stuffing description taken from Cloudflare

Why is “OpenBullet” used for this?

So now you know why they perform these attacks. But why do they abuse OpenBullet for this, of all software?

Quite frankly, this is simply because OpenBullet is insanely user-friendly and easy to pick up. There is plenty of documentation on performing credential stuffing attacks online, through YouTube videos and underground forums, to the point where anyone with basic computer literacy could pick up OpenBullet and be hacking into accounts within a couple of days or even potentially hours. I have even tested this myself on a website owned by me and had a full-blown credential stuffing attack running on my website in under 20 minutes.

Why is this important for me to know?

So you’ve seen how simple these attacks are to perform and how people perform them. Why is it that you should really be worried?

The main reason you need to know about OpenBullet is that it shows just how many people don’t follow simple internet security standards. Everyone who is vulnerable to these credential stuffing attacks is someone who reuses common passwords. A quick and easy way to make sure you do not fall victim to these attacks is to use randomly generated passwords, which are hard to crack. An easy way to keep track of them is a password manager such as Bitwarden, which I also use personally. By using a password manager you can keep all of your passwords randomly generated and secure without worrying about the credential stuffing attacks which happen so often.

As a website owner what can you do to help prevent these attacks?

In short, there is pretty much no way to fully prevent credential stuffing. There will always be a way to automate the inputting of credentials into your website or application. What you can do, however, is try your best to make it as hard as possible for people to breach the accounts after the credentials are stolen. To do this, it would be ideal to force protections such as email verification on login, 2FA and other identifying information onto your users. This would increase account security by a huge amount. Another way to reduce the number of attacks is through anti-bot solutions such as Akamai. Implementing these makes it much more difficult for people with less knowledge of credential stuffing to attack your website, therefore reducing the number of attacks massively.
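As an added example (not from the original article), here is one way a site owner could spot the pattern described above in login logs: a single source trying many different accounts with mostly failed logins. The log format, thresholds and function names are assumptions made for illustration.

```python
from collections import defaultdict, deque

# Constructed sample log: (unix_ts, source_ip, username, login_succeeded).
# IPs come from documentation ranges; none of this is real traffic.
SAMPLE_EVENTS = [
    (1000, "203.0.113.7", "alice@example.com", False),
    (1002, "203.0.113.7", "bob@example.com", False),
    (1003, "198.51.100.4", "carol@example.com", False),
    (1005, "203.0.113.7", "dave@example.com", False),
    (1007, "203.0.113.7", "erin@example.com", True),
    (1009, "203.0.113.7", "frank@example.com", False),
    (1010, "198.51.100.4", "carol@example.com", False),
    (1011, "203.0.113.7", "grace@example.com", False),
    (1030, "198.51.100.4", "carol@example.com", True),
]

def flag_stuffing_sources(events, window_s=300, min_users=5, max_success_ratio=0.2):
    """Return {ip: accounts that logged in successfully} for every source that
    tried >= min_users distinct accounts within window_s seconds while its
    success ratio stayed <= max_success_ratio (thresholds are assumptions)."""
    recent = defaultdict(deque)  # ip -> attempts still inside the sliding window
    flagged = {}
    for ts, ip, user, ok in sorted(events):
        win = recent[ip]
        win.append((ts, user, ok))
        while win and ts - win[0][0] > window_s:  # drop attempts older than the window
            win.popleft()
        users = {u for _, u, _ in win}
        successes = [u for _, u, s in win if s]
        if len(users) >= min_users and len(successes) / len(win) <= max_success_ratio:
            # Accounts this source got into are the ones to re-verify or reset.
            flagged.setdefault(ip, set()).update(successes)
    return {ip: sorted(hit) for ip, hit in flagged.items()}

def needs_step_up(ip, flagged):
    """True when a login from this source should get email verification or 2FA."""
    return ip in flagged

if __name__ == "__main__":
    print(flag_stuffing_sources(SAMPLE_EVENTS))
```

A user who mistypes one password several times, like the second source in the sample, is not flagged because only one account is involved.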

Photo by Nahel Abdul Hadi on Unsplash

In Conclusion:

If you are a user of a website or own a website, it is highly recommended nowadays to enforce strict online security practices. Use long, secure, randomly generated passwords and store them within a secure password manager of your choice. Implement anti-bot solutions on your website and enable 2FA and any other verification methods you can in order to give users the best and most secure experience possible. In today's world credential stuffing is the norm, and therefore we need to do something to help slow it down or prevent it completely. Thank you for reading and stay safe!

Openbullet2 Logo
