Nowadays, advanced bad bots constitute a plague on the Internet. Their threat landscape is very diverse, ranging from massive account creation aimed at influencing state elections to DDoS bots.
Advanced bots are software that mimic human behavior to programmatically solve captcha challenges. For example, they simulate human-like mouse motion and follow a flow of webpages as a human would.
This speech discusses concrete examples of automated nefarious actions (Credential stuffing, Carding, Scalping…), as well as how bots can be analyzed in the same way as malicious software.
The analysis of such software is a valuable asset for better understanding their behavior and discovering new detection strategies.