Credential Dumping

Credential dumping is a type of cyber attack where a computer is breached and usernames and passwords are obtained by the attacker. This can be harmful if it happens to your personal computer, but it can be absolutely devastating if an attacker is able to perform credential dumping on a computer that is a part of a larger network.

This hacking technique is implemented after a computer has been breached by the attacker. Usernames and passwords are extremely valuable to cybercriminals and can be used to acquire sensitive information as well as to gain access to admin and other privileged account credentials and other computers on a network.

After gaining access to a computer, a hacker will perform credential dumping by gaining access to the cache of passwords that are stored in your computer s memory. For user convenience, operating systems and browsers have the ability to save usernames and passwords and then automatically fill in your login information to sites and programs you frequent. Unfortunately, this convenience has come at a cost and can leave your information more vulnerable to credential theft and dumping.

Mimikatz

One of the most common tools used to perform credit dumping is Mimikatz. This piece of code was created by Benjamin Delphy in 2007 in order to demonstrate a flaw in the security system of Windows. His code was successful and convinced Windows to eventually fix the flaw, and Mimikatz continued to be used for penetration and security testing. Sadly, the good intentions of the Mimikatz code have been taken advantage of, and it is now a popular tool for hackers.

How to avoid credential dumping






KJ Pace
KJ Pace
KJ Pace writes and coordinates content at TechnologyAdvice in Nashville, TN. When she’s not producing content, she enjoys reading, cooking, and playing with her dogs.

Related Articles

Software Environment

A software environment is a collection of programs, libraries, and utilities that allow users to perform specific tasks. Software environments are often used by...

ClickUp

ClickUp is a cloud-based work and project management platform that enables teams to manage tasks, collaborate in real-time, gain insights via reporting, and more....

Chunk (Data Chunk)

A chunk, also called a data chunk, by RFC2960 SCTP (Stream Control Transmission Protocol) standards, is the term used to describe a unit of...

Blog Search Engine

A blog search engine is specifically focused on finding content in the blogosphere. Blog search engines only index and provide search results from blogs...

Agile Project Management

Agile project management enables business teams to approach their projects and tasks with...

Private 5G Network

A private 5G network is a private local area network (LAN) that utilizes...

Rich Communication Services (RCS)

Rich communication services (RCS) is a mobile messaging approach in which session initiation...