Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Criminals Bypassing Sophisticated Device Fingerprinting with Basic Tools

Research from Trusteer shows that device fingerprinting, which is used in fraud detection systems, might be a useless layer of protection after they discovered a manual for bypassing such features being circulated among online criminals.

Research from Trusteer shows that device fingerprinting, which is used in fraud detection systems, might be a useless layer of protection after they discovered a manual for bypassing such features being circulated among online criminals.

Trusteer researchers discovered the manual during the course of a typical work day. In it, the author explains how to bypass the layered protection that is found in several fingerprinting systems. 

“This approach collects a myriad of session attributes to “fingerprint” the endpoint device, including IP address and type and version of browser and operating system. Using this information, fraud detection systems can, for example, detect when a single device is being used to place multiple orders with different user credentials – a practice typically indicative of fraud,”

The tutorial explains that the usage of commercial VPNs, and proxy services will work to defeat the IP protections within the fingerprinting systems, and adds information on how to make sessions from a single system appear as if they originate from different computers, operating systems, and browsers by altering the user agent headers.

“This tutorial demonstrates that cybercriminals have achieved a sophisticated level of understanding of device fingerprinting techniques and are exploiting this knowledge to evade fraud prevention systems that rely on the browser’s User-Agent header to detect cybercrime,” Trusteer adds.

“Because fraudsters can easily manipulate the browser’s User-Agent header information, device fingerprinting solutions that rely solely on User-Agent data should be considered unreliable.”

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.