9 Aug 2014

Attack method used by Russians to harvest more than 1B credentials is gaining popularity

The Russian syndicate used botnets--networks of infected computers--and SQL injection attacks to collect the massive amounts of data discovered by Hold Security.
The use of botnets by cybercriminals to steal credentials is on the rise, Gaffan tells FierceITSecurity. A disturbing 61.5 percent of all web traffic now comes from bots, and botnet activity has soared 240 percent in the last year, according to Incapsula data.
Search engine bots are being used by cybercriminals to carry out web attacks. "Criminals are disguising themselves as Googlebot, so you presume it's a legitimate search of your site to index it. But it turns out the attackers are posing as Googlebot, and they are using this as a technique to get into sites. Web masters are terrified of blocking Googlebot because their rankings will plummet," Gaffan says.
Once the attackers get into sites, they launch SQL injection attacks, cross-site scripting attacks, or insert malware through backdoors. They can then carry out distributed denial of service (DDoS) attacks, send spam, steal content and engage in other nefarious activities.
The report about the Russian crime syndicate "looks a lot like that, where thieves are increasingly automating their attacks using bots," Gaffan says.
Incapsula recently conducted a study that found around 4 percent of bots using the Googlebot's user agent, or ID, are fake. A whopping 66 percent of fake Googlebots are used to carry out DDoS attacks.
Attackers will go after "anybody and everybody ... The thing about using bots is the whole thing is automated, so they don't care who they're going after," Gaffan concludes.
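A request that claims to be Googlebot can be checked before it is trusted, which avoids the choice between blocking the real crawler and admitting impostors. The following is an added example, not code from the article or from Incapsula: it applies the reverse-then-forward DNS check that Google documents for verifying its crawler, and the IP addresses, hostnames and stub resolvers in it are constructed sample data.

```python
import socket

# Hostname suffixes Google documents for its crawlers' reverse DNS records.
GOOGLE_SUFFIXES = (".googlebot.com", ".google.com")

def system_ptr(ip):
    """Reverse (PTR) lookup via the system resolver; None on failure."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_addrs(host):
    """Forward lookup via the system resolver; empty set on failure."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, None)}
    except OSError:
        return set()

def classify(ip, user_agent, ptr=system_ptr, addrs=system_addrs):
    """Return 'not-googlebot', 'verified' or 'fake' for one request."""
    if "googlebot" not in user_agent.lower():
        return "not-googlebot"
    host = ptr(ip)
    # The PTR record is controlled by whoever owns the IP block, so it must
    # (1) end in a Google domain and (2) resolve forward to the same IP.
    if not host or not host.lower().rstrip(".").endswith(GOOGLE_SUFFIXES):
        return "fake"
    return "verified" if ip in addrs(host) else "fake"

# Constructed sample data (documentation address ranges, invented hostnames).
SAMPLE_PTR = {
    "192.0.2.10": "crawl-192-0-2-10.googlebot.com",
    "198.51.100.7": "host7.example.net",
    "203.0.113.5": "crawl-203-0-113-5.googlebot.com",  # forged PTR record
}
SAMPLE_A = {"crawl-192-0-2-10.googlebot.com": {"192.0.2.10"},
            "crawl-203-0-113-5.googlebot.com": {"192.0.2.99"}}
GOOGLEBOT_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
SAMPLE_REQUESTS = [("192.0.2.10", GOOGLEBOT_UA), ("198.51.100.7", GOOGLEBOT_UA),
                   ("203.0.113.5", GOOGLEBOT_UA), ("198.51.100.7", "Mozilla/5.0 Firefox/31.0")]

def classify_samples():
    # Run the check over the constructed requests using the stub resolvers.
    return [classify(ip, ua, SAMPLE_PTR.get, lambda h: SAMPLE_A.get(h, set()))
            for ip, ua in SAMPLE_REQUESTS]

if __name__ == "__main__":
    for (ip, _), verdict in zip(SAMPLE_REQUESTS, classify_samples()):
        print(ip, verdict)
```

Called without the stub arguments, `classify` uses the system resolver, so verdicts should be cached per IP rather than looked up on every request.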

http://www.incapsula.com/blog/googlebot-study-mr-hack.html

Source: http://www.fierceitsecurity.com/story/attack-method-used-russians-harvest-more-1b-credentials-gaining-popularity/2014-08-07