A massive fraud operation slamming e-commerce merchants in account takeover attacks has been revealed by researchers. Sift, a fraud protection business announced on Thursday that the ring, called Proxy Phantom, is employing over 1.5 million stolen account credentials in automated credential stuffing assaults against online merchants.
To bombard a domain with login requests, credential stuffing attacks typically rely on a database of stolen credentials – may be derived from data breaches or data dumps disclosed and sold online.
Because many of us use the same username and password combinations across several services – even though we shouldn’t – a data breach at one organization might lead to account compromise at another.
According to estimates, barely 0.1 percent of credential stuffing assaults are effective. However, when thousands of account combinations may be tried at the same time, despite the low success rate, these assaults can still be profitable – especially when employed against shops or financial services.
Proxy Phantom “flooded organizations with bot-based login attempt to perform as many as 2,691 login attempts per second,” according to Sift’s Q3 2021 Digital Trust & Safety Index.
Connected, rotating IP addresses were also utilized to make the requests appear to originate from different geographical places, and the requests predominantly targeted e-commerce platforms and online services.
Between April and June 2021, the number of IP clusters more than doubled.
“As a result, targeted merchants utilizing rules-based fraud protection solutions would be forced to play a supercharged, worldwide game of “whack-a-mole,” with new combinations of IP addresses and credentials (presumably purchased in bulk on the dark web) coming at an unfathomable pace,” Sift stated.
Furthermore, the study claims that the corporation detected 307 percent more account takeover threats in Q3 than in Q2. The financial sector, specifically bitcoin exchanges and digital wallet services, is a top target.
Netacea created an index chronicling the activity of scalper bots earlier this month. These automated systems are designed to outperform online lineups for high-ticket commodities such as concert tickets and gaming consoles in order to resell and profit their operators.
Scalpers have been clamoring for the PlayStation 5, cryptocurrency mining GPUs, and Nvidia RTX 3000 series CPUs in recent months.