Case Study: Large North American Banking and Financial Services Company Stops Massive Credential Stuffing Attack with HYAS Insight

Large North American Banking and Financial Services Company - Customer Case Study

HYAS worked with a large North American banking and financial services company that was battling a massive, globally distributed credential stuffing attack against customer accounts. The bank’s security and fraud teams were overwhelmed by the scale and complexity of the attack, which used more than 25,000 IPs, spread across multiple regions, and relied on a botnet of compromised home routers to evade detection.

Using HYAS Insight, HYAS identified over 17,000 of the IPs involved, geo-located more than 9,000 of them, and uncovered the SOCKS proxy infrastructure and attacker-controlled domains behind the campaign. HYAS and the bank were able to attribute the attack to two Russian adversaries, share threat intelligence with FS-ISAC and other organizations, and help more than 200 global enterprises adjust defenses to mitigate similar attacks.