Research from Trusteer shows that device fingerprinting, which is used in fraud detection systems, might be a useless layer of protection after they discovered a manual for bypassing such features being circulated among online criminals.
Trusteer researchers discovered the manual during the course of a typical work day. In it, the author explains how to bypass the layered protection that is found in several fingerprinting systems.
“This approach collects a myriad of session attributes to “fingerprint” the endpoint device, including IP address and type and version of browser and operating system. Using this information, fraud detection systems can, for example, detect when a single device is being used to place multiple orders with different user credentials – a practice typically indicative of fraud,”
The tutorial explains that the usage of commercial VPNs, and proxy services will work to defeat the IP protections within the fingerprinting systems, and adds information on how to make sessions from a single system appear as if they originate from different computers, operating systems, and browsers by altering the user agent headers.
“This tutorial demonstrates that cybercriminals have achieved a sophisticated level of understanding of device fingerprinting techniques and are exploiting this knowledge to evade fraud prevention systems that rely on the browser’s User-Agent header to detect cybercrime,” Trusteer adds.
“Because fraudsters can easily manipulate the browser’s User-Agent header information, device fingerprinting solutions that rely solely on User-Agent data should be considered unreliable.”
More from Steve Ragan
- Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data
- Workers Don’t Trust Employers with Personal Data: Survey
- Root SSH Key Compromised in Emergency Alerting Systems
- Morningstar Data Breach Impacted 184,000 Clients
- Microsoft to Patch Seven Flaws in July’s Patch Tuesday
- OpenX Addresses New Security Flaws with Latest Update
- Ubisoft Breached: Users Urged to Change Passwords
- Anonymous Targets Anti-Anonymity B2B Firm Relead.com
Latest News
- Cyberattacks Target Websites of German Airports, Admin
- US Infiltrates Big Ransomware Gang: ‘We Hacked the Hackers’
- Tenable Launches $25 Million Early-Stage Venture Fund
- 820k Impacted by Data Breach at Zacks Investment Research
- Mapping Threat Intelligence to the NIST Compliance Framework Part 2
- Hive Ransomware Operation Shut Down by Law Enforcement
- US Government Agencies Warn of Malicious Use of Remote Management Software
- UK Gov Warns of Phishing Attacks Launched by Iranian, Russian Cyberspies
