Okta has reported a significant rise in credential stuffing attacks against various online services.

The attacks, occurring between April 19 and April 26, 2024, leverage residential proxies, stolen credentials list, and automated tools.

Unlike traditional attacks from VPS providers, these are mainly launched from mobile devices and standard web browsers.

Residential proxies are being exploited by attackers to bypass detection mechanisms.

Cisco and HUMAN's Satori Threat Intelligence have also observed increased brute-force attacks and identified malicious Android VPN apps.

The situation underscores an urgent need for enhanced security protocols to thwart account takeovers and safeguard data.