Threat actors turn to automation tools to boost their campaigns

Automation is having an impact on almost every industry, but it's not just in the world of legitimate commerce that its presence is being felt. A new report from Recorded Future shows criminal enterprises are turning to automation tools too.

Indeed the criminal underground has created an ecosystem of tools and resources allowing threat actors to both operationalize and monetize their campaigns increasingly quickly.

Tools available via dark web markets include credential checkers that apply stolen IDs and passwords to sites in brute force attacks, loaders that try to bypass endpoint security, keylogger and password stealers, exploit kits, phishing services, sniffers that seek to steal payment data from eCommerce sites, and more.

There is even evidence of automation in the marketplaces that cyber criminals use to buy and sell stolen credentials and payment card data.

It's likely that we’re now seeing security teams using automation to fight automation, with the automating of defensive intelligence feeds and the combination of them with automated detection and prevention solutions.

The full report which has more information on the 10 types of tools and services currently used by threat actors to automate tasks, and suggested mitigations for defenders to implement, is available on the Recorded Future site.

Image credit: shmeljov/depositphotos.com