According to a recent Barracuda Networks report, cybercriminals are now actively using automation tools and bots to target web applications. A majority of attack traffic has been observed in the past two months from attackers.
Nearly 20% of the attacks discovered were fuzzing attacks performed using automation for finding the points at which applications could be broken to exploit.
- Injection attacks accounted for 12% of the attacks. Automated injection tools such as sqlmap were mostly exploited by cybercriminals, says the study.
- It was found that fake bots would impersonate Google bots (to evade detection) or application DDoS attacks to overwhelm a site with traffic.
- Bot pretending a Google bot and application DDoS attacks accounted for 12% and 9%, respectively.
- About 2% of attacks were constituted by bots blocked by site admins, while bots behind cross-site scripting accounted for 1% of attacks.
- A few weeks ago, a dangerous worm was spreading automatically via Whatsapp. After being installed on a smartphone, it could send messages to the victim’s contact list for infecting them without any user interaction.
- Last month, an attacker was seen leveraging a malicious link to target its potential victims. When opened, it would automatically open the Shazam app, and execute the malware, which would then send the victim's location to the attacker.
Cyberattacks using automated tools are growing and making it harder for organizations to defend against such attacks. Experts suggest that organizations can use the web application firewall solutions that come with bot mitigation, API security, DDoS protection, and credential stuffing protection.