Business logic attacks abuse the functionality of a program—as opposed to an application vulnerability. They’re stealthy because they don’t come as malformed requests and they contain legitimate values. Often, we cannot even call them illegal. Mainly performed by business logic bots (BLBs), these types of attacks can perform a variety of attacks including Queue Jumping, Auction Sniping, Poll Skewing, Click Fraud, Poker Bots, and more.
An interesting column highlighting some of the attacks that often go unnoticed and escape the headlines, but are happening every day..."
Link to Original Source