Cyber security news for all

More

    The use of bad bots has increased enormously in recent years

    Bad bot traffic has increased again compared to previous years and now accounts for almost a quarter of all web traffic. Financial service providers are most affected.

    Every Industry Has Its Own Bot Problems

    From account takeover attacks to credential stuffing to content and price scraping. The sectors with the most bad bot traffic include financial service providers, the education and government organizations.

    Moderate to demanding bad bots make up almost three quarters of bad bot traffic. Advanced persistent bots often elude recognition. They go through random IP addresses, penetrate through anonymous proxies, change their identity and imitate human behavior.

    Bad Bots Interact With Applications In The Same Way As A Legitimate User

    This makes them more difficult to identify and prevent. They attack websites, mobile applications and APIs at high speed and enable bot operators, hackers, competitors to carry out a variety of malicious attacks. This includes competitive data mining, collecting personal and financial data, spam and much more.

    Released Tuesday, Imperva’s “2020 Bad Bot Report: The Bad Bots Strike Back” looks at how bad bots play a role in website activity and how website owners can protect themselves against these threats.

    Criminals Are Extremely Creative In Spreading Bad Bots

    Simply accessing a website or clicking on a fake or hijacked advertising banner can trigger a drive by download of malware, which takes place unnoticed in the background. Cybercriminals mainly use security gaps in the web browser, often the vulnerabilities are not known to anyone at the time of the attack. Emails are also a common gateway. For example, a link in a phishing email takes you to a prepared page. A hidden download starts automatically. The bot nests unnoticed in the system of a tablet or smartphone and does the job for which it was programmed. In the worst case, further issues follow. A bot can download a keylogger that uses keystrokes. Other spies specialize in screenshots, which they automatically pick up and transmit for evaluation.

    Recent Articles

    Russian Cybercriminal Behind “Cardplanet” Site Sentenced

    According to the United States Department of Justice, a Russian cybercriminal, Aleksey Burkov, 30—who operated Cardplanet site: a site that trafficked stolen card details—has...

    Hackers Used Malicious Docker Images to Mine Monero

    Researchers found malicious images on Docker Hub used for crypto mining. Palo Alto Networks' Unit  42, unraveled a crypto mining scheme which uses malicious Docker...

    NSA outlines requirements for secure collaboration services for US government telework

    The new National Security Agency (NSA) guidelines are a window of security for users. Everyone has been trying to return to their lives since...

    Cybercriminals threaten to sell off “scandalous” files swiped from Mariah Carey, Nicki Minaj, Puff Daddy’s legal eagles

    There's no escaping these cybercriminals. In a recent case of "cyber-extortion," threat actors known as REvil, are threatening to expose celebrity "dirt." These threat actors...

    Twitter apologises for exposed customers data

    In what is described as a "data security incident," sensitive details of Twitter's customers were exposed. Unlike other cases of a breach which are...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox