GraphQL Vulnerabilities and Common Attacks: Seen in the Wild
Description

In our previous blog, we provided an overview of GraphQL security, along with details and examples of common attacks. Building on that foundation, this blog takes a closer look at real-world examples of GraphQL attacks that have recently occurred. We will explore the methods attackers used to exploit vulnerabilities in GraphQL APIs and the consequences these attacks can have on organizations. Note that this blog assumes a basic understanding of GraphQL and its security considerations; if you are new to the topic, we recommend starting with our earlier blog to get up to speed.

GraphQL statistics

Before delving into the nuances of these attacks, let's ground ourselves with some data. Over a span of several months, we kept a close watch on approximately 6,000 endpoints carrying GraphQL traffic. The insights garnered are eye-opening. Stay tuned!

GraphQL was developed, in part, to ensure concise response sizes suitable for mobile devices. We hypothesized that a majority of clients would be mobile-based, and our data supported this presumption: approximately 70% of the traffic stemmed from mobile devices. Of the remaining traffic, 15% originated from automated tools, and a mere 5% came directly from browsers. We have seen evidence of the use of different automation tools, among them CQ-API-Spyder, used for API attack surface discovery, and GraphQL Cop, a small Python utility to run common security tests against GraphQL APIs…