New bots were brought to the marketplaces – Newspaper Kommersant No. 224 (7425) dated 12/02/2022

In November, cybersecurity experts recorded a sharp increase in the activity of Internet bots. First of all, marketplaces, where sales were going on all month, were subjected to their attacks. Such activity of bots can prevent users from making purchases, and for unprotected store resources, it will distort the statistics of real attendance and affect the position of the resource in search results, experts say.

Kommersant got acquainted with the report of the Internet threat protection company Qrator Labs, dedicated to the actions of Internet bots in Russian networks in November. It follows that the daily number of bot hits reached 300 thousand per hour this month, while in October the figure was at the level of 10 thousand. Also, the share of filtered bots in daily traffic tripled – from 0.13% to 3.12% . The previous surge was in July, but only for a few days.

According to Qrator Labs, online retail in general, fintech and online stores specializing in pharmaceuticals were hit in November. For example, on the resources of financial ecosystems during peak days, activity increased by 150-200% of the daily rate, reaching 30-35 thousand events per hour, follows from the report. As explained in the company, malefactors often used accounts of real users for an input, whose data appeared in the bases which got to open access.

Bot attacks that continuously send requests to a resource at a constant frequency distort key business metrics (conversion, reach, ARPU, etc.), give a false trail in evaluating the effectiveness of marketing campaigns on websites and mobile applications, explains the owner of the Bot Protection product in Qrator Labs Georgy Tarasov.

Wildberries reported that they did not note the activity of bots on their resources. Yandex.Market has built processes for automatically detecting traffic of Internet bots in real time, the data is not taken into account when evaluating indicators, the press service of the organization assured. Ozon, VK and banks developing fintech platforms did not respond to Kommersant’s requests.

Splashes of “malicious traffic” in November were noted by other companies in the field of cybersecurity. Kaspersky Lab says that they have observed a multiple increase in the number of bots on retail platforms: “They are mainly aimed at performing any actions in automatic mode. Such activity may be associated with a large number of discounts and various promotions. On November 11, Kommersant talked about attempts to disable Russian marketplaces against the backdrop of a massive sale on Singles Day.

Such surges, as a rule, do not pose a direct threat to customers, but attackers can take advantage of the situation and mislead them, says Dmitry Nikonov, head of DDoS-Guard protection: “For example, by distributing phishing links under the guise of a “working” version of the time is unavailable due to attacks.” Such attacks create inconvenience for sites, adds Andrey Naydenov, head of the security analysis unit at Infosecurity a Softline Company, but bots cannot steal an account or withdraw funds from a linked card account.

Bots can be used to collect and process data about products, prices and content of competitors, Dmitry Nikonov notes: “But there is also a separate category of bots that intentionally imitate user behavior and influence the position of the site in search results. So, bots can spend a couple of minutes on the site, because of which the browser metric “decides” that the site is not interesting and lowers it in its rating.” A similar problem arose for site owners in connection with DDoS attacks: when a company’s website is unavailable, it drops down in the issuance of any search engine (see “Kommersant” dated July 21).

Now the influx of bots has rather affected the resource statistics following the results of mass sales, Georgy Tarasov believes: “If an online resource does not use solutions to protect against bot attacks on logins, a product catalog and promotional campaigns, its metrics will be heavily polluted by bots and will be significant false excess.

Tatiana Isakova, Yulia Poslavskaya