Tag Archive for: traffic

Google wins court order to force ISPs to filter botnet traffic – Naked Security


A US court has recently unsealed a restraining order against a gang of alleged cybercrooks operating outside the country, based on a formal legal complaint from internet giant Google.

Google, it seems, decided to use its size, influence and network data to say, “No more!”, based on evidence it had collected about a cybergang known loosely as the CryptBot crew, whom Google claimed were:

  • Ripping off Google product names, icons and trademarks to shill their rogue software distribution services.
  • Running “pay-per-install” services for alleged software bundles that deliberately injected malware onto victims’ computers.
  • Operating a botnet (a robot or zombie network) to steal, collect and collate personal data from hundreds of thousands of victims in the US.

You can read a PDF of the court document online.
Thanks to our chums at online pub The Register for posting this.

Plunder at will

Data that these CryptBot criminals are alleged to have plundered includes browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and other PII (personally identifiable information).

As the court order puts it:

The Defendants are responsible for distributing a botnet that has infected approximately 672,220 CryptBot victim devices in the US in the last year. At any moment, the botnet’s extraordinary computing power could be harnessed for other criminal schemes.

Defendants could, for example, enable large ransomware or distributed denial-of-service attacks on legitimate businesses and other targets. Defendants could themselves perpetrate such a harmful attack, or they could sell access to the botnet to a third party for that purpose.

Because the defendants are apparently operating out of Pakistan, and unsurprisingly didn’t show up in court to argue their case, the court decided its outcome without hearing their side of the story.

Nevertheless, the court concluded that Google had shown “a likelihood of success” in respect of charges including violating the Computer Fraud and Abuse Act, trademark rules, and racketeering laws (which deal, loosely speaking, with so-called organised crime – committing crimes as if you were running a business):

[The court favors]…

Source…

How to Distinguish Bot vs. Human Traffic


Not so long ago, bots were considered a modern-day convenience, and understandably so: bots can make enterprises more efficient at customer service or help improve an enterprise’s standing on popular search engines. However, with their growing sophistication and scale in recent years, bots and botnets have become a source of concern for enterprises around the globe. In fact, bots now comprise nearly half of all internet traffic. Enterprises therefore need to recognize that bots are the “new normal” on the internet and prepare accordingly.

These malicious software applications are designed to mimic human behavior on websites or apps. Usually deployed by cybercriminals to carry out activities such as spreading misinformation, conducting DDoS attacks or scraping inventory, automated bad bots have become one of the biggest threats to enterprises.

Identifying bot traffic within your website traffic is vital because it allows you to take action and minimize the impact of the bot attack. 

In this blog post, we will tell you about the challenges of detecting bot traffic and tips that can help you spot bot traffic. You’ll also find tools that can help monitor bot vs. human traffic.


What is Bot Traffic?

Put simply, bot traffic is non-human traffic to web pages and apps, generated by software robots. Bot traffic can be beneficial or harmful, depending on the purpose of the bots. Usually, bots perform repetitive tasks automatically without human involvement; web crawlers are a typical example. This automation enables a bot’s human overlord to conduct a variety of tasks.

Good bots can be used for marketing and customer service functions, data mining, and fraud prevention. However, malicious bots can also be used for credential stuffing, web content scraping or data scraping, and launching denial of service (DDoS) or account takeover (ATO) attacks. Specific “spam bots” can also be used to control a narrative on social media or…

Source…

The most expensive domain name in history isn’t doing too well with site traffic


Owning a domain name will typically cost between $10 and $20 per year, but this is just a drop in the ocean in terms of a possible price tag, new data has revealed.

Top web hosting company Hostinger released a study looking into the seven most expensive domain names in history, with the most expensive domain costing $30 million in 2019.

Source…

Unpatched Econolite Traffic Controller Vulnerabilities Allow Remote Hacking


A researcher has discovered two potentially serious vulnerabilities affecting Econolite traffic controllers. Exploitation of the security flaws can have serious real-world impact, but they remain unpatched. 

Offensive security researcher Rustam Amin informed the US Cybersecurity and Infrastructure Security Agency (CISA) that he had identified critical- and high-severity vulnerabilities in Econolite EOS, traffic controller software developed for the Econolite Cobalt and other advanced transportation controllers (ATC).

The California-based vendor’s website says it has deployed more than 360 systems, 150,000 traffic cabinets, 120,000 traffic controllers, and over 160,000 sensors. In December 2022, the company reported reaching more than 10,000 installations of its EOS software. 

Amin discovered two types of vulnerabilities. One, rated ‘critical severity’ and tracked as CVE-2023-0452, has been described by CISA as the use of a weak algorithm for hashing privileged user credentials.

“A configuration file that is accessible without authentication uses MD5 hashes for encrypting credentials, including those of administrators and technicians,” CISA said in its advisory.

The second issue, tracked as CVE-2023-0452 and rated ‘high severity’, is an improper access control issue. An attacker can view log, database and configuration files that can contain username and password hashes for users, including administrators and technicians. 

These vulnerabilities can allow a remote, unauthenticated attacker to gain full control of traffic control functions. 

Amin conducted an internet search to see how many EOS systems are exposed to attacks from the web. He told SecurityWeek that he identified roughly 50 exposed controllers running older firmware. These systems are not affected by the flaws he discovered, but they are still not secure.

In addition, he discovered approximately 30 controllers running 2018-2020 versions of the EOS software and these systems are vulnerable to remote attacks.

He also found roughly 500 instances of associated devices that can be found in the affected controllers’ proximity, including routers and cameras, which…

Source…