Security News

During the first half of 2022, BioCatch data reveals that money mule accounts represent up to 0.3 percent of accounts held by financial institutions, and an estimated $3 billion in fraudulent financial transfers. Applying BioCatch findings to the estimated 657 million bank accounts in the United States, this translates to approximately two million mule accounts and nearly $3 billion in fraudulent transfers in a year.

Netacea released its report into how businesses are dealing with bot attacks. It reveals one key area where businesses are failing to tackle bot attacks - bots are going undiscovered for an average of 16 weeks, up two weeks from last year's findings.

Netacea released its report into how businesses are dealing with bot attacks. Bot owners are shifting their tactics, with 60% of businesses detecting attacks on APIs and 39% detecting attacks on mobile apps.

Single factor authentication has been the standard for many years on Internet-facing services, but it clearly lacks security. While 2FA drastically increases the security of Internet services, it can still be bypassed by some methods.

The Black Basta ransomware gang has partnered with the QBot malware operation to gain initial access to corporate environments. QBot is Windows malware that steals bank credentials, Windows domain credentials, and delivers further malware payloads on infected devices.

Bad bots are often the first indicator of online fraud and represent a risk to digital businesses, as well as their customers. In 2021, evasive bad bots - a grouping of moderate and advanced bad bots that elude standard security defenses - made up 65.6% of all bad bot traffic.

That's according to Arkose Labs, which claimed in its latest State of Fraud and Account Security report that one in four online accounts created in Q1 2022 were fake and used for fraud, scams, and the like. In total, 93 percent of all attacks against Arkose Labs' customers were bot-driven, it's claimed; data scraping increased by 250 percent while four percent of all logins in Q1 were credential-stuffing attempts.

A new RedLine malware distribution campaign promotes fake Binance NFT mystery box bots on YouTube to lure people into infecting themselves with the information-stealing malware from GitHub repositories. Binance mystery boxes are sets of random non-fungible token items that people buy, hoping they'll receive a unique or rare item at a bargain price.

Ukraine's security agency has shut down five bot farms since the start of Russia's invasion of the country almost five weeks ago, slowing down a Russian operation designed to spread disinformation in the war-torn country and to sow panic among its frightened residents. In a statement this week, Ukraine's Security Service said the bot farms were located in Kharkiv - a city near the northern border of Russia that has been the site of some of the fiercest fighting - Cherkasy along the Dnieper River that cuts through the country, and the Ternopil and Zakarpattia regions in the western part of Ukraine.

The Ukrainian Security Service has announced that since the start of the war with Russia, it has discovered and shut down five bot farms with over 100,000 fake social media accounts spreading fake news. The network, which operated in Kharkiv, Cherkasy, Ternopil, and Zakarpattia, aimed to discourage Ukrainian citizens and instill panic by distributing false information about the Russian invasion and the status of the defenders.