25 matches found
How Scalping Bots Exploited a Vulnerable API to Disrupt Online Retail Sales
In the fast-paced world of online retail, where customer satisfaction and availability are paramount, a sudden attack by scalping bots can disrupt operations, inflate costs, and damage reputation. A North American Online Retailer faced a month-long bot attack that targeted their inventory system,...
Reverse-Engineering Ticketmaster’s Barcode System
Interesting: By reverse-engineering how Ticketmaster and AXS actually make their electronic tickets, scalpers have essentially figured out how to regenerate specific, genuine tickets that they have legally purchased from scratch onto infrastructure that they control. In doing so, they are removin...
Glastonbury ticket hijack vulnerability fixed
The Glastonbury ticket website was vulnerable to a relatively simple attack that that allowed ticket theft and data leakage. What’s the issue? An attacker could scrape collaborative ticket buying information e.g. on Reddit to gather people’s details, use a flaw in the registration process and...
Frida-JIT-unPacker: An Imperva Contribution to the Security Research Community, Presented at Black Hat Asia 2024
In the ever-evolving landscape of cybersecurity threats, the battle against malicious bots is a critical concern for web applications. These bots, in addition to their ability to circumvent application security measures, are usually protected with advanced source code protection to prevent the...
Analyzing Bitcoin Price Trends and Crypto Scalping Methods
By Uzair Amir Are you interested in cryptocurrency trading but unsure where to start? Have you heard about crypto scalping but… This is a post from HackRead.com Read the original post: Analyzing Bitcoin Price Trends and Crypto Scalping Methods...
2023 OWASP Top-10 Series: API6:2023 Unrestricted Access to Sensitive Business Flows
Welcome to the 7th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API6:2023 Unrestricted Access to Sensitive Business Flows. In this series we are taking an in-depth look at each category – the...
How Ticket Scalping Impacts Asia’s Live Entertainment Industry
Asia’s booming live entertainment industry has recently been plagued by a growing problem of ticket scalping. The term refers to the act of purchasing live event tickets in bulk by individuals, often through the use of automation aka bots, to later resell them at exorbitant prices. The issue isn’...
The Anatomy of a Scalping Bot: NSB Goes Undercover & How it Avoids Detection
In the first blog post, we introduced you to the Nike Shoe Bot NSB, one of the most dangerous scalping bots around. We outlined its purpose, its behavior, and described how we recovered its source code. In this blog post, we will take a closer look at the bots source code, and determine what...
The Anatomy of a Scalping Bot: NSB Was Copped!
In recent years, scalping bots have become a growing concern for online retailers. In this two-part blog series, we will analyze the inner workings of the Nike Shoe Bot NSB scalping bot, one of the most dangerous scalping bots around. We will take a closer look at the components of NSB, how we...
Avoid The (Automated) Nightmare Before Christmas
While Christmas is often seen by most as a joyous time to be spent with family and friends, exchanging good wishes and gifts, there are those who seek to exploit it. For fraudsters, this time of the year is above all, an opportunity for profits to be made, all while wreaking havoc on eCommerce...
The World Cup: Prime Time for Sports Fans and Cybercriminals
From November 20 to December 18, fans from all over the world are tuned into the World Cup tournament in Qatar. While this is a major event for sports fans, it’s also prime time for bad actors. Large sporting events lead to increased levels of activity across sports and gambling sites, along with...
Bots Are Scalping Israeli Government Services
Bots can be used for good, but can also be nefarious. In this post, see Akamai's research on the Israeli Gamken bot copycat...
Bots Are Scalping Israeli Government Services
Bots can be used for good, but can also be nefarious. In this post, see Akamai's research on the Israeli Gamken bot copycat...
Evasive Bots Drive Online Fraud – 2022 Imperva Bad Bot Report
The 2022 Imperva Bad Bot Report is now available. The report is the ninth annual in-depth analysis of bot traffic, created with data collected from Impervas global network throughout the past year by the Imperva Threat Research Team. Bad bots are software applications that run automated tasks wit...
Imperva is named a Leader in The Forrester Wave™: Bot Management, Q2 2022
We are thrilled to announce that Imperva has been named a Leader in The Forrester Wave: Bot Management, Q2 2022 report – a trusted source for technology buyers that helps security and risk professionals select the right vendor for their needs in a technology marketplace. The report offers a...
Imperva Mitigates Massive Bot Attack of 400 Million Requests
Imperva Advanced Bot Protection detected and stopped the largest bot attack in Imperva history. The web scraping attack targeted a global job listing site with operations in six countries. The attacker used a large-scale botnet, generating no less than 400 million bot requests from nearly 400,000...
Scalpers, and their bot armies, swing in to net web-based Spiderman tickets
29 November 2021 was “Spider Monday” and tickets for Marvel’s film Spider-Man: No Way Home went on sale with the sort of marketing fervor for which Disney and the Marvel Cinematic Universe MCU are famous. As tickets to one of the most eagerly anticipated Christmas films featuring one of the most...
Infographic: How Are Bad Bots Hurting Your Business?
Bad bots are software applications which run automated tasks with malicious intent over the internet. They scrape data from sites without permission in order to reuse it and gain a competitive edge e.g. pricing, inventory levels, proprietary content, etc.. They are used for scalping, the act of...
Bad Bot Traffic Breaks Records in 2020
Bad bots have long been a major illness plaguing the internet. As internet traffic reached new heights throughout the global pandemic, unfortunately so did bot traffic. In 2020, 40.8 percent of internet traffic wasn’t human, and 25.6 percent originated from bad bots. What have these bad bots been...
Top 5 Most Vicious Bad Bots
Classified by The Open Web Application Security Project OWASP as ‘automated threats’, bad bots can be used to perform a plethora of actions on the application layer, from basic requests to elaborate sessions with sophisticated requests. Some of these bots are more malicious than others. This make...