We're Hiring!
Request Demo

Approov Blog
Bots (4)

Dating app concept; person using mobile phone, multiple images of people arranged in circles in background

Swipe Left to Scrape

May 2, 2017

Yesterday morning security forums reported news that an AI researcher had published a dataset of 40,000 photos that had been scraped from the dating app Tinder. The purpose was simply to extract a real world data set that can be used for training Convolutional Neural Networks (CNN) to tell the difference between men and women. This seems innocent enough, although the author's choice of variable naming caused a bit of a stir. He quickly changed the variable name "hoe" to "subject" soon after the story broke. Apparently this original naming was inherited from the Tinder Auto-Liker code. Read Full Story
Collection of mobile phones and tablets

The Problem of API Abuse

October 18, 2016

The number of devices connected to the internet has exploded in recent years as everyone becomes permanently attached to their phone or tablet. As the number of mobile users has increased, there has been movement away from websites towards mobile apps. Large companies can gain more information about users when they use their app, and can also provide a more fully featured experience by offering offline functionality or by making use of the phone’s camera, accelerometer or GPS. Users tend to prefer them as well because they offer a richer experience. Read Full Story
Pixelated acronym DDoS made from cubes in mosaic pattern

The Rise of DDoS

October 18, 2016

The attack on the website of Brian Krebs and the release of the Mirai malware source code demonstrates the challenges that face the anti-bot world. At its peak, the Krebs on Security DDoS attack was generating 620Gbps of traffic, mostly from IoT devices. With the ever increasing number of internet connected devices, and their current security shortcomings, it should come as little surprise that the scale of DDoS attacks is increasing. Read Full Story
Magnifying glass on a mobile phone

Simple App Authentication

September 26, 2016

Suppose your mobile app relies on a back-end server that holds sensitive data or just data that you do not want to be manipulated or copied freely. You trust your own app to do everything right, but what about bots exploiting your API or if someone steals and subverts your app? Read Full Story
Wooden toy robot surrounded by grass

Bot Mitigation Challenges in the Mobile World

August 9, 2016

Bots are everywhere, crawling all over the internet. Some are good, cataloguing websites and enabling you to search for pictures of cats with ease. Others are all about information gathering, theft and fraud, are known as API abuse, and are bad news. More and more time is being spent accessing the Internet from mobile devices, and apps are becoming increasingly important as the software performing this access. Apps are a new and challenging arena for existing bot mitigation techniques and attackers are starting to shift their focus from the mobile web channel to mobile apps to try and circumvent current protection mechanisms. Read Full Story

Posts by Topic

see all

Subscribe to our blog

Prev 1 2 3 4 Next

Request a Demo

Give us 30 minutes and our security experts will show you how to protect your revenue and business data by deploying Approov to secure your mobile apps and your APIs

 

Get a Trial

Approov offers a complimentary 30 day trial (no credit card necessary) to give you immediate and valuable insight into the security risks of your mobile apps and the devices they run on.