Express Computer
Home  »  News  »  Bad Bots Use Residential IPs to Evade Defences, Barracuda’s Threat Spotlight Report

Bad Bots Use Residential IPs to Evade Defences, Barracuda’s Threat Spotlight Report

0 31

Barracuda has unveiled a new threat spotlight that shows how in the first six months of 2023, bad – or malicious – bots used residential IP addresses to launch attacks without being caught by the security blocks put on known malicious IPs. In many cases, the people who used or were later allocated those IPs ended up in “CAPTCHA hell,” unable to pass checks from Google or Cloudflare because their IP triggered a red flag as having been used for malicious activity.

Bots are software programs that move around the web performing automated tasks like search engine crawling. Barracuda researchers track the prevalence and behaviour of good and bad bots from year to year.

Data for the first half of 2023 shows that nearly half (48%) of total global internet traffic was made up of bots, and most of this was down to bad bots. These complex computer programs are designed to cause mischief and harm, at speeds and volumes that human attackers could not match.

And while in 2021, the bad bot landscape was dominated by swarms of “retail bots,” sent out to hunt for scarce and sought-after sneakers and toys to resell at a profit, in 2023, bad bots are often being used for more advanced attacks.

Armed with millions of common username and passwords, the bad bots are being sent out across the internet with the aim of compromising email accounts – particularly those they can reach through vulnerable application programming interfaces (APIs) – by bashing them with countless combinations of usernames/passwords until they get the one that works.
APIs are a growing target for cyberattack because they are relatively under-protected and used extensively for automated processes and communications. Examples of applications that use APIs to access emails and inboxes include email marketing applications that send and track bulk or personalised emails to potential or existing customers, as well as applications to manage, verify and automate emails.

“For the organisations targeted by these bots, a combination of under-secured APIs, weak authentication and access policies, and a lack of bot-specific security measures – such as limiting the volume and speed of inbound traffic leave them vulnerable to attack,” said Tushar Richabadas, Principal Product Marketing Manager, Applications and Cloud Security at Barracuda. “Organisations can be overwhelmed due to the sheer number of solutions required to stop bots, but the good news is that solutions are consolidating into Web Application and API Protection (WAAP) services that identifies and stops bad bots.”

The research also shows that in the first half of 2023, North America was the source of 72% of bad bot traffic. Roughly two-thirds (67%) of bad bot traffic came from hosting providers, including the two large public clouds: AWS and Azure, which skews the geographic data toward North America. The next most prevalent regions are the United Arab Emirates (12%), Saudi Arabia (6%), Qatar (5%), and India (5%).

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image