Due primarily to the value of merchandise that can be quickly resold, the retail segment has emerged as the most favourite target of hackers eying to make some quick money, suggests a new research.
During May to December last year, hackers directed credential abuse attempts at retail sites more than 10 billion times, making retail the most targeted segment studied, showed the study by Cloud delivery network provider Akamai Technologies on Wednesday.
"Retailers remain on the front lines, because stolen merchandise sells quickly and at a premium. And for that reason, the data shows which merchandise is of the highest value: Apparel sites are targeted the most," said Martin McKeay, Security Researcher and Editorial Director of the report titled "State of the Internet/Security".
The company studied the credential abuse technique known as credential stuffing, where hackers systematically use botnets to try stolen login information across the web.
They target login pages for banks and retailers on the premise that many customers use the same login credentials for multiple services and accounts.
Interest in retail is driven by the value of merchandise, which hackers acquire through compromised accounts and then frequently resell.
The insidious All-In-One (AIO) bots that hackers deploy are multi-function tools that enable quick purchases by leveraging credential stuffing and a number of evasion techniques, the report said.
A single AIO bot can target more than 120 retailers at once.