
Fake account creation attacks: anatomy, detection, and defense
Fake account creation is one of the most persistent forms of online abuse. What used to be a fringe tactic
Antoine is currently the Head of Research at Castle. In this role, he focuses on improving Castle's bot detection engine using different approaches, including behavioral detection, and fingerprinting.
Fake account creation is one of the most persistent forms of online abuse. What used to be a fringe tactic
Credential stuffing remains one of the most scalable and persistent threats on the internet. While defenders have improved at catching
This is the third edition of our monthly tracker highlighting email domains linked to fraudulent activity. Just like in Mays’
Every time there's a Hacker News thread about bots, bot detection, or CAPTCHAs, a familiar complaint shows up:
Browser automation tools like Puppeteer, Playwright, and Selenium are widely used for testing, scraping, and other automation tasks. However, because
A recent Hacker News post looked at the reverse engineering of TikTok’s JavaScript virtual machine (VM). Many commenters assumed
This is the second edition of our monthly tracker highlighting email domains linked to fraudulent activity. Just like in April’
In this post, we analyze an open-source CAPTCHA solver designed to bypass a custom challenge deployed on Binance, one of
This is the fourth article in our series on anti-detect browsers. In the previous post, we explained how to detect
Disclaimer: If you're here for the holy grail of bot detection, this may not be it, unless your
This is the first release in a new Castle series highlighting email domains associated with fraudulent activity. Our goal is
Disposable email addresses are temporary inboxes that allow users to receive messages without linking the address to a long-term identity.