21记者在现场看到了"内容农场"的演示：桌面上几十台手机，通过预设脚本在百度中自动搜索同一词 条。另一台机械臂反复点击着两台手机，不间断下滑抖音视频，自行点赞、收藏和评论。 工作人员介绍，黑产设备成本已经非常低廉，这台机械臂的购入价格在1000元左右，而电商平台购入的 两台真机只用300～400块。 依托这些设备运转起来的"地下经济"，利润主要来自两类业务：诈骗和作弊返利。数美科技新零售咨询 总监叶扬解释，他们观察到，诈骗团伙需要大规模社交触达以筛选目标，而薅羊毛团队则围绕批量刷 榜、冲量、注册拉新场景展开，盯准平台激励机制的缝隙。 已经攻防十几年的互联网黑灰产不算太神秘。支撑这两种业务的，通常是三类基础资源：账号、设备和 网络。 有了账号还需要设备。叶扬尤其提到，云手机的出现改变了游戏规则。"过去黑灰产作弊，还得去买一 批真机，不管新旧都要投入硬件成本。而现在有了云手机，他们只需要花很低的成本批量租用设备，就 能跑脚本、多开群控、模拟点击。而且现在云手机质量越来越好，效果甚至堪比真机。" （原标题：刷榜刷量的"内容农场"还在升级，安全治理怎么防？） 21世纪经济报道记者肖潇 北京报道 AI 重塑了我们的上网 ...

Group 1 - The report by Threat Hunter analyzes the trends of the internet black and gray industry in the first half of 2025, focusing on attack resources, technologies, and scenarios to provide reference for enterprise risk control [1][10] - Daily active risk IPs reached 13.82 million, a 15.02% increase compared to the previous period, with over 50% of attacks coming from "hijacked shared proxy" IPs [9][62] - The emergence of new "link code" methods for money laundering and a 28.6% increase in laundering bank cards were noted, with gambling-related cards accounting for 70.25% of the total [1][9] Group 2 - AI technology is being heavily misused, enabling minute-level face-swapping and 10-second voice cloning for fraud and authentication bypass [1][9] - Marketing fraud intelligence increased to 580 million entries, a 26% rise, with high risks in e-commerce and local life sectors [2][9] - Financial fraud incidents included 770,000 malicious loan-related entries, a 12% increase, while car loan fraud decreased by 10% and housing loan fraud surged by 63% [2][9] Group 3 - The report highlights the adaptability of the black industry, indicating that after being targeted, it quickly shifts to existing or emerging alternative channels [8][10] - API attacks exceeded 1.49 million times, with consumer finance being the primary target, utilizing methods such as account scanning and database collisions [2][9] - Data breaches reached 57,000 incidents, with e-commerce and finance being the focal points, and loan application information leaks increasing fourfold [2][9]