Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
A reverse brute force attack happens when a hacker or black hat party tries to reverse engineer some security or protection process through utilizing a secondary key or piece of data. It’s the reverse of a conventional brute force attack, which generally seeks to “crack” an account through brute force work on a password or similar key.
To understand the reverse brute force attack, let's look at what a normal brute force attack consists of.
In a traditional brute force attack, the hacker has an important primary key — an account identifier or some other piece of information. All that he or she needs is the password or encryption key in order to enter systems and wreak havoc.
Traditional brute force attacks, then, focus on decryption and code-breaking software that will simply force discovery through big data analysis or other automated methods. Brute force attacks are contrasted with other kinds of attacks where hackers may use social engineering or phishing schemes to actually get the password in question. A good example of a brute force attack is an algorithm that would identify usable credit card numbers attached to specific names or identifiers.
With that in mind, the reverse brute force attack is where the hacker has that password or key, but needs the original identifier, such as a username or account number.