The existence of such lists highlights the ongoing shift from complex system exploits to . When a hacker has a "UHQ" list, they don't need to "break in" via a software vulnerability; they simply log in using valid, stolen credentials. This bypasses many traditional perimeter defenses, making Multi-Factor Authentication (MFA) and Zero Trust architecture the only viable counters.
Threat actors use these lists with automated tools to bypass login screens that do not have rate-limiting or Multi-Factor Authentication (MFA). Recommended Response Actions
At its simplest, a combolist is a text file containing thousands (or millions) of username and password combinations. The "100K" signifies the volume, while "UHQ" (Ultra-High Quality) suggests that the data is "fresh," unique, and hasn't been widely circulated or "burnt" by other hackers yet. Unlike random consumer leaks, a CORP-BUSINESS
Here is a story that illustrates the lifecycle and impact of such a file: The Phantom Key: The Story of the 100K Combolist Part 1: The Harvest