Botnet Monitoring and Cyber Intelligence

Group-IB Bot-Trek™ is a real-time botnet and cyber intelligence service that provides direct access to compromised data and helps to prevent fraud.

Bot-Trek™ gathers compromised data and intelligence from botnets and the computer underground and makes it available to the original Intellectual Property owners via a SaaS solution. Bot-Trek™ provides a real-time feed with the following types of data:

  • E-banking logins/passwords/OTPs;
  • Leaked credit card information;
  • Money mule information for fraud prevention;
  • Compromised IP-addresses;
  • Socks-, spam- and DDoS-bots IP-addresses;
  • Data leaked from corporate domains or IP-ranges (e.g. corporate e-mail accounts, intranets, etc.).

The service doesn’t require any additional software or hardware deployment and is provided to verified institutions only. Data is thoroughly segregated, so that each company can only view its own customers' compromised data.

Through Group-IB's corporate structure, Bot-Trek™ has access to diverse intelligence sources and ultimate technologies. Bot-Trek™ uses the following data sources for compromised information gathering:

  • Distributed network of HoneyNet traps;
  • Sinkholed botnets;
  • Underground infiltration;
  • Forensic and CERT cases;
  • Malware intelligence database;
  • Phishing sources database.

Last year Group-IB prevented theft from over 30,000 customers of various banks, and the volume of identified and analyzed information is constantly growing.

After the successful analysis of the information obtained from the botnets and underground markets, the client is immediately provided with all of the discovered information regarding the compromised customers, along with recommendations on how to reduce risks. Such information may include:

  • Customers’ login credentials;
  • Leaked credit card information;
  • Money mule information for fraud prevention;
  • Compromised IP-addresses;
  • Socks-, spam- and DDoS-bots IP-addresses;
  • Data leaked from corporate domains or IP-ranges (e.g. corporate e-mail accounts, intranets, etc.);
  • Copies of digital signature keys and certificates;
  • Screenshots from the computers of the customers.

The service is provided through a secured web interface or an XML-based API, which can be used for integration with any existing anti-fraud systems.

Monitoring botnets aimed at online banking fraud is a unique method of effectively preventing theft in online banking. As a result of botnet monitoring performed by our experts, the bank will receive:

  • The ability to prevent theft of funds from the accounts of the customers. Timely detection of compromised login information and digital signature keys will help prevent unlawful transfer of funds and take measures for further protection of the customers.
  • Promptness and comprehensiveness of the data. The unique resources employed by Group-IB and our close international partnerships ensure the speed and comprehensiveness of the obtained data regarding the compromised login information and digital signature keys. The available information is an exact copy of the data possessed by the criminals.
  • Reducing the costs of supporting victimized customers. Any theft, or even an attempted theft, requires the bank to conduct extensive and costly activities in order to minimize the damages and support the victimized customers. Attempts to stem unlawful transfers of funds, interactions with law enforcement agencies, meetings with the customers, and even legal proceedings can be avoided by using proactive fraud protection.
  • Improving customer loyalty and trust in the bank. Timely notifications and recommendations regarding data theft prevention display a unique relationship and individual care for the customer. Such an approach will elevate the bank’s trust and reputation in the eyes of potential customers.
  • Possibility of conducting a comprehensive investigation. Botnet monitoring is one of the steps in identifying the criminals. The information obtained allows for investigating the attempts of unlawful transfers of funds, ultimately bringing the individuals responsible to justice.

Contact Us:

+1 253 243-31-38
help@group-ib.com