In the ever-evolving landscape of cybersecurity threats, the battle against malicious bots is a critical concern for web applications. These bots, in addition to their ability to circumvent application security measures, are usually protected with advanced source code protection to prevent the security community from understanding their mechanisms and developing countermeasures. To counter this, Imperva Threat Research developed, released, and presented a new tool designed to overcome specific malware .NET protection, called Frida-JIT-unPacker. In this blog post, we’ll delve into the story of this research and the tool itself. First of all, let’s outline a few specific types of bot threats and why you may be confronted with them. If you want to read more about these threats, you can look at OWASP’s list of automated threats to web applications. Credential Stuffing Credential stuffing attacks involve bots using stolen account credentials to gain unauthorized access to user accounts. The automation of these attacks allows for simultaneous assaults on numerous accounts, leading to widespread unauthorized access and fraud. Scalping Scalping bots swiftly purchase inventory of highly sought-after items, such as concert tickets or limited-edition products, making these items unavailable to genuine customers. These bots profit by creating artificial scarcity and reselling the items at high markups. Scraping Scraping bots automate the extraction of large amounts of data from…Read More
Frida-JIT-unPacker: An Imperva Contribution to the Security Research Community, Presented at Black Hat Asia 2024
