Paxful defended its platform from 220,000 bot attacks over the past two months as crypto companies remain under siege from the attacks still. In our latest cryptocurrency news, we are reading more about the bot attacks that swamped the market.
Peer-to-peer crypto marketplace Paxful defended against 220,000 bot attacks as per the latest reports from the platform, in less than two months. Peer-to-peer crypto marketplace Paxful revealed that it fended off about 220,000 requests from web-bots which are typically aimed at stealing victim’s money via account takeover or money transfers. Paxful used Group-IB’s online fraud prevention platform Secure Portal to tackle the bot issue.
Paxful revealed it faced down more than 220,000 requests from the web-bots and successfully protected its users with the help of the Group-IB company. The volume of attacks outlined the fact that crypto companies remain a tempting target for the attackers as in the last month alone, hackers stole about $5.4 million from Eterbase and more than $200 million from KuCoin. With both attacks becoming a common vector, Paxful teamed up with the intelligence company Group-IB which used their online fraud prevention platform Secure Portal to tackle the platform as the company said:
“The platform has managed to fight off over 220,000 requests from web-bots in just two months, shielding its 4.5 million customers against possible attacks.”
Bots imitate the behavior of the regular users according to the chief security officer of Paxful, Dmitry Moiseev:
Group-IB has assisted @paxful, an international #P2P #cryptocurrency marketplace, in countering a wave of web-bot and social engineering attacks, and customer account takeovers. pic.twitter.com/BV473QaN7J
— Group-IB Global (@GroupIB_GIB) October 20, 2020
They are typically aimed at stealing client’s money whether via account takeover, so the bot can trade on behalf of the user or simply transfer all existing funds to the bad actor’s account. Behind the software are so-called “bad actors”, the people who control the bot. The bad actors develop a special database containing login or password pairs to start the attack. The way they access the logins is fairly easy because many users use similar credentials for social networks and other platforms. The login pairs are then filtered twice until there is a match that allows them to penetrate the victim’s account and steal the funds.”
The Secure Portal which the company supplied Paxful with is able to detect online threats like bot activity, social engineering attacks, and fraud from multiple sources like loyalty programs and user accounts. In order to defend against bot activity, the company created a unique fingerprint which is based on indicators and metrics like information on user-agent as well as operating system details. Based on the information by these data points, the portal “identifies and issues an alert for any suspicious activity in real-time after which the detection is used by Paxful to block bad bots.”