The Open Web Application Security Project classifies credential stuffing attacks as a subset of brute force attacks. A brute force attack is a method used by hackers to crack the username and password of accounts through trial and error. Brute force attacks are a numbers-game that relies on increasing probabilities. Credential stuffing attacks use a higher degree of intelligence in their method because they use bots or automated scripts to attack automated scripts. In March 2019, tech giant Boost Mobile disclosed a mobile credential stuffing of this type of attack.”]
Source: https://www.inforisktoday.com/blogs/credential-stuffing-attacks-vs-brute-force-attacks-p-2767