In this article, we cover the details of a distributed credential-stuffing attack that targeted the mobile application of a major US on-demand staffing company. By the end of the bot attack, which lasted 4 days, Castle blocked more than 558K malicious login attempts. Credential stuffing attack metrics * Date: from December
