Malicious hackers targeted the organization’s members through SSO service

Internet registry RIPE NCC warns of credential stuffing attack

Internet registry RIPE NCC has announced it was the victim of a credential stuffing attack affecting its single-sign-on (SSO) platform.

The RIPE Network Coordination Centre is the regional internet registry for Europe, the Middle East, and Central Asia.

Yesterday (February 18), the non-profit organization warned it had become the victim of a targeted attack on the RIPE NCC Access tool, which caused its networks to be knocked offline.

The center said it has no evidence that any SSO accounts have been compromised but is continuing to investigate the incident.

BACKGROUND Credential stuffing attacks: How to protect your accounts from being compromised

A statement reads: “We mitigated the attack, and we are now taking steps to ensure that our services are better protected against such threats in the future.”

RIPE NCC has urged any account holders to employ two-factor authentication, if they have not done so already, and to inform them of any suspicious activity.

As an internet registry, RIPE NCC is responsible for providing global internet resources and related services, such as IPv4, IPv6, and AS Number resources, to members in its service region.

Its members consist mainly of internet service providers, telecommunications organizations, and large corporations across the 75 countries.

Unauthorized access

Credential stuffing attacks occur when malicious hackers use login information stolen from data breaches to access their victims’ accounts.

Username/password pairs stolen from one website are automatically fed into the login pages of other web applications.

Leveraging the principle of trial and error, attackers use specialized software to ‘stuff’ an enormous volume of credential combinations into sign-in pages at high velocity in a bid to compromise accounts.

YOU MAY ALSO LIKE Centreon downplays reports of backdoor software vulnerabilities