Cybercrime , Cybercrime as-a-service , Fraud Management & Cybercrime

Rise of the Bots: Criminal Attacks Grow More Automated

Ransomware, Social Engineering, Credential Stuffing and More Underpinned by Bots
Dmitry Volkov, CTO, Group-IB

Cybercrime continues to become increasingly automated, and bots have been key to that trend.

See Also: OnDemand | Hacking Your Organization: 7 Steps Cybercriminals Use to Take Total Control of Your Network

Bot refers to any type of automation - good or bad. In the crime realm, bots are used for automatically controlling malware-infected endpoints from a botnet command-and-control server, running highly automated and scalable social engineering attacks, web scraping, credential stuffing and more.

For criminals who want to wield bots, "one of the big shifts in this fraudulent activity is that they don't really need a lot of infected devices," says Dmitry Volkov, CTO of Group-IB.

"With bot activity for web scraping and credential stuffing, the main driver is a huge number of leaked databases," he says. With enough databases - even if they're from relatively small organizations - attackers can acquire enough credentials to run large, automated campaigns - often using proxy servers - to amass a significant number of victims.

In this video interview with Information Security Media Group, Volkov also discusses:

  • Bot-powered malware trends, including the decline of banking Trojans and rise of ransomware;
  • How bots are being used for brute-force attacks, web scraping, distributed-denial-of-service attacks and cookie stealing;
  • Ways to defend against bots.

Volkov is CTO, co-founder and head of the threat intelligence department at Group-IB. He has extensive experience in computer forensics, as well as investigating botnets, fraud, carding, DDoS attacks and other types of high-tech crime. In 2016, he became a member of Europol's European Cybercrime Center Advisory Group on Internet Security. Since 2013, he has served as a member of the UN's open-ended intergovernmental expert group meeting on cybercrime.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.