Sixty-two percent of cybersecurity incidents against online retailers stemmed from automated threats including account takeover, web scraping, API exploitation, credit card fraud, Grinch bots, and distributed denial-of-service attacks making automated attacks against retailers more than two times higher than other industries, reports VentureBeat.
Retailer websites have been targeted by increasingly sophisticated malicious bots, with anonymity framework-based attacks spiking from 3.5% to 32.9% during the past year, compared with an increase from 1.6% to 13.6% for other sectors, an Imperva Threat Research analysis revealed.
Moreover, bad bot traffic on e-commerce sites was observed to rise by 10% and another 34% in October and November last year, respectively, amid the holiday shopping season. Last year also saw API attacks grow by 35% from September to October before increasing by another 22% in November.
Imperva recommended the implementation of bot management systems and stress-testing infrastructure in retailer websites in an effort to avert automated attacks.
As part of its latest attacks discovered in June, Tropic Tropper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source content management system.
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.