This sneaky botnet shows why you really, really shouldn’t use the same password for everything
While automated attacks by a networked army of computers aren’t a new problem, the methods that botnets are using are getting more complex.
They’re also increasing in number with the latest cybercrime report from ThreatMetrix suggesting that the number of attacks between January and March this year is up by over a third, compared with just the previous quarter. The report states that 311 million bot attacks were detected and stopped by its technology in the opening three months of 2016.
Botnet attacks used to just be large volume distributed denial of service (DDoS) or spam attacks, designed to overwhelm servers to the point of collapse or act as a distraction in order to allow cybercriminals to hack into the targeted system without being detected.
Now however, the cybersecurity researchers say that botnets are being used in a new way – to test stolen login details in a way which allows them to evade detection by security systems.
Rather than just overwhelming systems or using brute force in an effort to break in, this new kind of botnet operates in a more subtle way. This ‘low and slow’ – as researchers describe it – type of bot attack is ultimately used as means of testing stolen credentials purchased from cybercriminal forums on the dark web.
Taking its time over the course of a few days, the botnet attempts to log into thousands of accounts to determine which of the stolen login details are valid. Then when logins and passwords are found to be real, the fraudsters can then use them to attempt to log into elsewhere – such as e-commerce or banking websites – in an effort to make off with personal and financial data.
The way this botnet works therefore serves as a reminder that it’s not a good idea to have the same password for multiple accounts.
In total, Threatmetrix detected 264 million attacks of this type in the e-commerce sector alone, suggesting that cybercriminals see retail as something of a rich target when it comes to stealing data.
Given that so many users won’t think twice about using the same email and password combination for their online retail logins as their actual email address, it’s not hard to see why this could turn into a goldmine for hackers.
Source | ZDNET