Traffic from “bad bots”—those created with malicious intent—first surpassed good bot traffic in 2016, Imperva’s research said, and it’s been getting worse. Bad bots comprised 37% of internet traffic in 2024, up from 32% the year prior. Good bots accounted for just 14% of the internet’s traffic.
Bad bots do all kinds of unpleasant things. An increasing number try to hijack peoples’ online accounts, which they often do by “credential stuffing.” This is where a bot takes a password and email address that has been stolen and leaked online, and then tries those credentials across a myriad of services in the hope that its owner will have reused the password elsewhere. These account takeover attacks have skyrocketed lately. Other attacks include scraping data from websites, which is a problem for businesses that don’t want their intellectual property stolen, and also for the individuals who own that data.
Read more…
Source: Malwarebytes Labs
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Popular Samsung, LG Android Phones Open to ‘Spearphone’ Eavesdropping
July 23, 2019
A Spearphone attacker can use the accelerometer in LG and Samsung phones to remotely eavesdrop on any audio that’s played on speakerphone, including calls, music and voice assistant responses. A new way to eavesdrop on people’s mobile phone calls has come to light in the form of Spearphone – an attack that makes use of Android ...
- On the IoT road: perks, benefits and security of moving smartly
July 22, 2019
Kaspersky has repeatedly investigated security issues related to IoT technologies (for instance, here, or here). Earlier this year our experts have even gained foothold in the security of biomechanical prosthetic devices. The same implies to smart car security: our own research has indicated that there are number of issues—look here or here. This year, we decided to continue our tradition of small-scale experiments with security ...
- Critical RCE Flaw in Palo Alto Gateways Hits Uber
July 22, 2019
A remote code-execution (RCE) vulnerability has been uncovered in the GlobalProtect portal and GlobalProtect Gateway interface security products from Palo Alto Networks. It’s an unusual zero-day case, having been previously unknown but inadvertently fixed in later releases — but some large companies could still be impacted, including Uber. The gateways provide virtual private network (VPN) access to ...
- French army will employ sci-fi writers to predict cyber threats
July 22, 2019
The French military is to assemble a team of science fiction writers to imagine possible future cyber threats and inject innovation into cyber defence. This will be a small group, known as the “Red Team” which will be comprised of four or five science fiction writers and or futurists. The team will be hired to “propose ...
- Old Tools for New Money: URL Spreading Shellbot and XMRig Using 17-year old XHide
July 19, 2019
One of our honeypots detected a threat that propagates by scanning for open ports and brute forcing weak credentials, installing a Monero cryptocurrency miner and a Perl-based IRC backdoor as the final payload. The miner process is hidden using XHide Process Faker, a 17-year old open source tool used to fake the name of a ...
- Iran-Linked APT34 Invites Victims to LinkedIn for Fresh Malware Infections
July 19, 2019
A recent phishing campaign by Iran-linked threat actor APT34 made use of a savvy approach: Asking victims to join their social network. According to FireEye, the adversaries masqueraded as a Cambridge University lecturer, including setting up a LinkedIn page, in order to gain victims’ trust. From there the attackers asked their “friends” to open malicious documents. APT34, ...