Fraudsters target Russian users' banking apps with bots, while AI amplifies the scale of attacks
Fraudsters have begun attacking Russian users' banking apps around the clock using bots. In effect, these are no longer manual hacking attempts but a stream…
AI-processed from CNews AI; edited by Hamidun News
Criminals have moved attacks on Russian banking applications into a fully automated mode. Bots now create the main load, operating around the clock, while artificial intelligence helps accelerate the scale and speed of such campaigns.
Attacks Without Pause
We're no longer talking about isolated attempts by individual malicious actors, but a continuous stream of requests to mobile and web banking services. Such campaigns easily stretch out over days and weeks. Bots don't get tired, don't make errors due to human factors, and are easily distributed across multiple devices, proxies, and accounts. This is why the scale of what's happening looks unusual even to cybersecurity specialists who are accustomed to DDoS campaigns, phishing, and automated data collection over networks.
For banks, this means that pressure on infrastructure can no longer be viewed as brief bursts of activity. An attack can continue day and night, testing system resilience, anti-fraud response, and the speed of blocking suspicious actions. If previously attackers often depended on manual scripts, now automation allows them to maintain constant pressure and quickly change tactics without stopping the campaign. This also changes the entire economics of attack.
How AI Helps
Artificial intelligence in such schemes doesn't necessarily replace the criminals themselves, but noticeably amplifies their capabilities. It helps quickly gather and process large volumes of data, craft text for social engineering, adapt scenarios to application responses, and identify weaknesses in user flows. Some solutions can be automated without operator involvement at each step. As a result, an attack becomes not only massive but also more flexible: the system can adapt almost in real time to changes in defense.
- Massively generate variations of requests and login scenarios
- Automatically change behavior patterns to avoid filters more frequently
- Test application response to errors, blocks, and restrictions faster
- Scale campaigns without proportional growth in manual work
Such an approach makes AI not a magic button, but an accelerator of already known cybercriminal practices. What previously required a team of operators and lengthy manual setup can now be deployed considerably faster. For defenders, this is bad news: the cost of attack for criminals decreases, meaning the number of attempts and their variability grow. It's easier for them to experiment, and harder for defenders to predict the next step in an attack chain.
What Changes for Banks
In practice, banks must strengthen not only network security but also behavioral analysis within applications. When a stream of suspicious actions runs 24/7, standard IP limits and simple CAPTCHAs become insufficient. You need systems that track anomalies by device, frequency of operations, routes within the application, and patterns of interaction with the interface. The ability to quickly distinguish a live customer from an automated session is especially important. Otherwise, bots will repeatedly find cheap entry points for massive pressure.
For users, this means growing hidden risk: even if an attack doesn't result in immediate account compromise, it increases load on services, creates ground for fraud schemes, and complicates support operations. The better criminals automate attacks, the more often banks are forced to introduce additional checks, which already affects convenience and speed of access for regular customers. The compromise between security and comfort becomes harder.
What This Means
Banking applications have become one of the main arenas where automated defense and automated attack collide. If artificial intelligence makes mass cyber campaigns cheaper and faster, banks will have to respond not with point measures, but with constant adaptation of defense — otherwise, the speed advantage will remain with criminals. The main conclusion is simple: in fighting such schemes, the winner is not the one who sets up a barrier once, but the one who knows how to update protection daily. Speed of adaptation now becomes the main factor in the resilience of banking services.
Want to stop reading about AI and start using it?
AI News is a curated feed of AI/tech news. Hamidun Academy teaches you to use AI systematically in your work.
The AI world, distilled — once a week
Seven stories that actually mattered, hand-picked. No noise, no reposts, no press releases.
Done! Check your inbox for a confirmation.