The Attacker’s Dictionary
05 COLLECTED CREDENTIALS

We have collected credentials intended for our RDP listening services over the past 334 days, from 2015-03-12 to 2016-02-09. Over this period, we have recorded 221,203 attempts to log in, sourced from 119 countries (Figures 5 and 6).

While we have primarily focused on the interesting features of the passwords, our Heisenberg network has also collected usernames. Because of this, we have access to the complete credentials, which can be critical in identifying the intended target.

Figure 5: Credentials collected worldwide
Rapid7.com | The Attacker’s Dictionary: Auditing Criminal Credential Attacks