criminals “solved” bot defense leading to an uptick in stolen accounts
Jurgita Lapienytė , Deputy Chief Editor Updated on: 04 August 2022
criminals “solved” bot defense leading to an uptick in stolen accounts

Image by Shutterstock

There’s been an uptick in stolen accounts as criminals increasingly rely on a tool that bypasses most bot management systems.

Threat actors found a way to “solve” a bot detection system’s defense and are now selling these so-called solver bots for profit. As a result, there’s a significant uptick in stolen accounts.

For example, one website in particular currently has a total of 55,000 cracked accounts for sale. There’s been a 230% increase in stolen accounts in the top 4 countries (US, UK, Germany, and Sweden) year over year.

How does it work?

Solver bots are API-as-a-Service tools created by threat actors to bypass bot management systems. Once a criminal figures out how to bypass the system, that technique becomes very valuable.

“Instead of selling the technique or code to other bad actors for profit, the original “Solver” of the bypass creates a cloud service that other bad actors can subscribe to, and the original “solver” will do the bypass for all subscribers,” Sam Crowther, CEO of bot mitigation firm Kasada, told Cybernews.

This trend causes security teams a headache – once a criminal solves a defense, they sell it at scale for a profit. According to Crowther, threat actors with little or no technical skills can now conduct automated bot attacks without having to worry about what bot defenses a site may have in place.

“We should be concerned because if there’s a market for people to pay for the skills to bypass these tools, these services will always exist. And more often than not, it’s much cheaper for people to beat anti-fraud and anti-bot solutions than for companies to use and maintain them,” he added.

Solver services pose a vulnerability for organizations, but, unlike with a typical flaw where teams rush to patch it, vendors, according to Crowther, “aren’t doing anything to their software to defend against these services.”

eCommerce headache

In the past 12 months, Kasada has observed over a 750% increase in solver bots used for log-in abuse/account takeover within e-commerce.

Solver bots make up more than 95% of eCommerce bot traffic, up from 10% just a year ago.

“There’s an increase in solver bots purely because the more that anti-bot and anti-fraud companies grow, the more of a market there is. The impact of the success of the anti-bot industry is that it has inherently created solver bots and solver services,” he said.

As a result, there’s been an uptick in stolen accounts. On one website alone, there are 55,000 stolen accounts for sale. In the US, there’s been a 250% increase in stolen accounts (over 30,000 compared to 8,400 a year ago). And that’s only what we can tell by looking at the data from one source.

Crowther believes that the majority of bot management solutions aren’t strong enough and therefore can be easily bypassed by solver bots.

“No one in the industry is talking about it, so vendors may or may not be aware. Either way, I don’t think people realize the extent of the problem. The same problem set doesn’t really exist in other areas of cybersecurity where adversaries are selling easy-to-use software to circumvent the solutions,” he said.

TECH NEWS RELATED

Zeppelin ransom gang executes malware multiple times within a victim’s network

Jurgita Lapienytė Deputy Chief Editor Updated on: 12 August 2022 Image by Shutterstock Threat actors using Zeppelin request ransom in Bitcoin, with extortion amounts ranging from several thousand dollars to over a million dollars. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a ...

View more: Zeppelin ransom gang executes malware multiple times within a victim’s network

Study reveals AI prediction model that could help save firefighter lives

Justinas Vainilavičius Senior Journalist Updated on: 12 August 2022 Image by NIST. Firefighters put their lives on the line as they enter a burning building. A new study shows that artificial intelligence (AI) could mitigate that risk by giving them an early warning. Flashover, a fire phenomenon when all combustible ...

View more: Study reveals AI prediction model that could help save firefighter lives

Russian threat group targets online vendors in Singapore

Damien Black , Senior Journalist Updated on: 09 August 2022 Image by Shutterstock A cyber-gang that targets legitimate sellers on internet advertising forums to harvest their payment credentials and drain their accounts has expanded its illicit operations into Singapore. The revelation comes from IB-Group, which has been tracking Classiscam since ...

View more: Russian threat group targets online vendors in Singapore

7-Eleven stores knocked out after a cyberattack in Denmark

Vilius Petkauskas , Journalist Updated on: 09 August 2022 Image by Shutterstock. US convenience store chain 7-Eleven had to shut down in Denmark after a cyberattack disabled checkout and payment systems all over the country. The group, which runs over 170 stores in Denmark, announced that it couldn’t use cash ...

View more: 7-Eleven stores knocked out after a cyberattack in Denmark

Researchers mitigate potential side-channel attack vulnerability in multicore processors

MIT researchers have shown that a component of modern computer processors that enables different areas of the chip to communicate with each other is susceptible to a side-channel attack. Credit: Jose-Luis Olivares, MIT A component of computer processors that connects different parts of the chip can be exploited by ...

View more: Researchers mitigate potential side-channel attack vulnerability in multicore processors

Threat actors use Google Cloud to spoof Best Buy

Damien Black Senior Journalist Updated on: 11 August 2022 Image by Shutterstock A phishing scam appears to be spoofing the multinational retailer – and though fairly easy to spot, it may be working because it uses Google’s trusted reputation to bypass email security, says analyst Avanan. “In this attack, hackers ...

View more: Threat actors use Google Cloud to spoof Best Buy

Identity theft: why oversharing your data online could put your quality of life in jeopardy

Cybernews Team Updated on: 11 August 2022 Image by Shutterstock The repercussions of having your identity stolen could be huge, and aren’t necessarily just monetary. Identity theft is a form of digital fraud where a criminal not only steals your data but also impersonates you with it. Impersonators then use ...

View more: Identity theft: why oversharing your data online could put your quality of life in jeopardy

Why Should I Backup Data? What’s The Importance

According to recent study, around 1,40,000 hard drives fail each week in the US. Of course, hardware failure is just one piece of the puzzle.  When you factor in human error, hackers and viruses, and natural disasters, it becomes evident how common data loss actually is. And yet, ironically ...

View more: Why Should I Backup Data? What’s The Importance

Cisco hit by cyberattack from hacker linked to Lapsus$ gang

Joe Mutti, ForwardAI: “before you dive into your ocean of data, always establish a clear objective first”

Matt Pattinson, Aveni: “companies should follow the principle of least privilege”

Russian hackers target Finland parliament’s website

Cloudflare targeted by a sophisticated phishing attack

Cyber-group offers DDos attacks for $80 an hour – but only against Russia and Belarus

Boston crook jailed for scamming elderly online

Meta's identity crisis could be its downfall

Emotet continues its reign as the most widely used malware

Samsung showcases new foldables

The importance of protecting privacy in a post-Roe world

Public healthcare service in UK hit by ransomware

OTHER TECH NEWS

Top Car News Car News