Cybercriminals are using millions’ of ‘bad bot personas’ from thousands’ of distinct IP addresses to run distributed denial of service (DDoS) attacks, make fraudulent purchases, and scan for vulnerabilities that can be exploited on hundreds’ of e-Commerce sites during the Christmas season. This information has been revealed by Barracuda Networks, the email and cloud security company, in their most recent Threat Spotlight analyzing the threat facing shoppers and vendors this holiday season.
The holiday shopping season, which will be almost entirely online this year due to the UK’s tier-system lockdown, creates an attractive target for cybercriminals, and in mid-November, Barracuda researchers ran Barracuda Advanced Bot Protection in front of a test web application, and observed that it had been targeted by over 90 million bad bot personas from over 340,000 distinct IP addresses, in just a few weeks.
Bad bot personas are bots that have been identified as malicious based on their pattern of behaviour. The data gathered by Barracuda researchers shows a whopping 72 per cent of bad bot traffic belonged to unspecified malicious users, 5 per cent belonged to HeadlessChrome personas, and there was an increase in yerbasoftware and M12bot personas.
Interestingly, Barracuda researchers observed that, in the UK, bot activity peaks mid-morning and doesn’t fall off until closer to 5 pm, which suggests that the cybercriminals (aka ‘bot herders’) follow a regular working day.