Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Bots

What is a Sophisticated Bot Attack?

Earlier this year we stated that bot attacks can be run by anyone, from skilled individuals to organised gangs. Bots can hit websites for a number of reasons. Common attacks include credential cracking to account takeover, to scalping. These bots have the power and capability to conduct multiple attacks repeatedly. Those actions have long seen standard for bots though, so what is new in the world of bot attacks? What is making these attacks more sophisticated?

"Largest Botnet Ever" Disrupted. 911 S5's Alleged Mastermind Arrested

A vast network of millions of compromised computers, being used to facilitate a wide range of cybercrime, has been disrupted by a multinational law enforcement operation. The 911 S5 botnet, described as "likely the world's largest botnet ever" by FBI Director Christopher Wray, has had its infrastructure and assets seized and its alleged mastermind arrested and charged. 35-year-old YunHe Wang, a dual citizen of China and St.

Offensive AI Lowers the Barrier of Entry for Bot Attackers

The use of artificial intelligence (AI) for defense allows for the better scanning of networks for vulnerabilities, automation, and attack detection based on existing datasets. However this is all in defense against an unknown attacker, who can have varying offensive tools all designed to overcome the most sophisticated defense. Is the biggest challenge for defensive AI that there is an offensive AI operator with unknown capabilities? And has offensive AI lowered the barrier of entry for bot attackers?

DDoS-as-a-Service: The Rebirth Botnet

In March 2024, the Sysdig Threat Research Team (TRT) began observing attacks against one of our Hadoop honeypot services from the domain “rebirthltdio). The threat actors operating the botnet are financially motivated and advertise their service primarily to the video gaming community, although there is no evidence that this botnet is not being purchased beyond gaming-related purposes, and organizations may still be at risk of falling victim to these botnets attacks.

What is Defensive AI and Why is it Essential in Bot Protection?

The definition of Artificial Intelligence (AI) has been thrown around whilst it has risen to the top of the tech agenda over the past couple of years. Security professionals have determined AI to be a risk to businesses, and also an opportunity. But could it also be a way to better defend your network against attacks? For many years, AI and Machine Learning have gone hand in hand; with AI used to better determine defensive decisions and cut down on the human element in more basic functions.

AI-driven cyber attacks to be the norm within a year, say security leaders

New research from Netacea reveals 93% of security leaders expect to face daily AI-driven attacks by the end of this year. Ransomware and phishing attacks are expected to be enhanced by offensive AI, but bots remain an underestimated threat. All respondents are benefiting from AI in their security stack, but adoption of bot management is lagging behind.

RUBYCARP: A Detailed Analysis of a Sophisticated Decade-Old Botnet Group

The Sysdig Threat Research Team (Sysdig TRT) recently discovered a long-running botnet operated by a Romanian threat actor group, which we are calling RUBYCARP. Evidence suggests that this threat actor has been active for at least 10 years. Its primary method of operation leverages a botnet deployed using a variety of public exploits and brute force attacks.

SEO Poisoning Part 2: How Bots Fuel SEO Poisoning Attacks

In our last blog post, we unpacked what SEO poisoning is and how it diverts organic search traffic. We examined some prevalent rank theft techniques used in SEO poisoning attacks. In this follow-up, we will dive into how automation can be used to further SEO poisoning and ranking theft attacks. With bots, adversaries can execute coordinated ranking theft at a speed and scale not possible manually.

Why Your Current Anti-Bot System Might be Failing

Anti-bot solutions have been around for a long time. Firewalls and WAFs are used by all kinds of businesses to protect their online assets from malicious bots. But as bots become more sophisticated and bot traffic volumes increase, many of these measures have become outdated and ineffective. If your anti-bot system isn’t performing, it could open your site to serious data breaches and other threats like Credential stuffing attacks and online fraud.

Calculating the ROI of Effective Bot Management

Bots cost the average business 4.3% of online revenues every year – or $85 million for the typical enterprise – so it’s critical that businesses invest in finding the right bot protection solution. If you’re coming up against resistance within your business when seeking to procure or upgrade your bot protection capabilities, this post will give you plenty of ideas for proving why better bot management is essential – in ways that matter to everyone in your organization.