VirusTotal can be used to collect large amounts of credentials without infecting an organization or buying them online, researchers found.
