Traffic from “bad bots”—those created with malicious intent—first surpassed good bot traffic in 2016, Imperva’s research said, and it’s been getting worse. Bad bots comprised 37% of internet traffic in 2024, up from 32% the year prior. Good bots accounted for just 14% of the internet’s traffic.
Bad bots do all kinds of unpleasant things. An increasing number try to hijack peoples’ online accounts, which they often do by “credential stuffing.” This is where a bot takes a password and email address that has been stolen and leaked online, and then tries those credentials across a myriad of services in the hope that its owner will have reused the password elsewhere. These account takeover attacks have skyrocketed lately. Other attacks include scraping data from websites, which is a problem for businesses that don’t want their intellectual property stolen, and also for the individuals who own that data.
Read more…
Source: Malwarebytes Labs
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- 19-Year Old WinRAR RCE Vulnerability Gets Micropatch Which Keeps ACE Support
February 22, 2019
A micropatch was released to fix a 19-year old arbitrary code execution vulnerability impacting 500 million users of the WinRAR compression tool and to keep ACE support after the app’s devs removed it when they patched the security issue. Nadav Grossman from Check Point Software Technologies was the one who originally found the ACE Path Traversal logical bug in the UNACEV2.DLL library written by ...
- DDoS Attacks Ranked As Highest Threat by Enterprises
February 22, 2019
US and EMEA security professionals interviewed by the Neustar International Security Council (NISC) in January 2019 said that DDoS attacks are perceived as the highest threat to their organizations, with roughly half of their companies having been attacked in 2018. Another 75% of all professionals who took part in NISC’s study said that they are deeply concerned about “bot ...
- Spectre vulnerabilities cannot be mitigated by software alone
February 19, 2019
A team of Google researchers has demonstrated the Spectre vulnerabilities present in many of today’s processors cannot be completely mitigated by applying software fixes, as has been assumed. Variants of the Spectre flaw discovered last year, which involves information leaking via ‘speculative execution’ or functions performed early to speed up computation, are not just software glitches ...
- APT Adversaries Up the Ante on Speed, Target Telecom
February 19, 2019
Despite law-enforcement wins in the form of several high-profile arrests and indictments during 2018, nation-state adversaries have upped their games when it comes to speed. That’s according to CrowdStrike’s 2019 Global Threat Report, which found that when analyzing how long it takes to go from initial compromise to the attacker’s first lateral movement within the network, Russian-speaking APTs (such ...
- North Korea Turns Against New Targets?!
February 19, 2019
Over the past few weeks, we have been monitoring suspicious activity directed against Russian-based companies that exposed a predator-prey relationship that we had not seen before. For the first time we were observing what seemed to be a coordinated North Korean attack against Russian entities. While attributing attacks to a certain threat group or another is ...
- Hackers Use Compromised Banks as Starting Points for Phishing Attacks
February 19, 2019
Cybercriminals attacking banks and financial organizations use their foothold in a compromised infrastructure to gain access to similar targets in other regions or countries. In a report released today and shared with BleepingComputer, international security company Group-IB specialized in preventing cyber attacks describes a so called cross-border domino-effect that can lead to spreading an infection beyond the initial ...