E-commerce websites have been an active target for cybercriminals, especially during the holiday season, according to a report by security solutions provider Barracuda Networks.

According to the report, the company detected “millions of bad bots attacks” on such websites in November.

“Barracuda researchers in the middle of the month ran the Barracuda Advanced Bot Protection in front of a test web application, and detected a staggering number of bad bots in just a few days with millions of attacks coming in from thousands of distinct IP addresses,” it said.

Bad bots are identified as malicious based on their pattern of behavior. Bots are grouped by User-Agent. Some bots can be good and need not be blocked.

As per the report, cybercriminals have been spoofing known good User-Agents to conduct the attacks, so traffic presenting those User-Agents needs deeper scrutiny to tell the bad bots apart from the good ones.

Barracuda researchers use different methods to separate such bots. These include injecting honeytraps such as hidden URLs and JS challenges, and using rDNS (reverse DNS lookup) to verify bots coming from a claimed source, among others. The attackers used these bots to run distributed denial of service (DDoS) attacks, make fraudulent purchases, and scan for vulnerabilities they can exploit, as per the report.
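The rDNS check mentioned above is commonly done as a forward-confirmed reverse DNS lookup. The following is an added example, not Barracuda's code or part of the report; the crawler hostname suffixes are assumed from what the crawler operators document publicly, and the IP addresses, hostnames and requests are constructed sample data.

```python
import socket
# Assumption: rDNS suffixes as documented by the crawler operators, not from the report.
CLAIMED_BOTS = {
    "googlebot": (".googlebot.com", ".google.com"),
    "bingbot": (".search.msn.com",),
}

def system_ptr(ip):
    """PTR lookup via the system resolver; None when there is no record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_addrs(host):
    """Forward lookup via the system resolver; empty set on failure."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, None)}
    except OSError:
        return set()

def verify_claim(ip, user_agent, ptr=system_ptr, addrs=system_addrs):
    """Return 'unclaimed', 'verified' or 'spoofed' for one request."""
    ua = user_agent.lower()
    for token, suffixes in CLAIMED_BOTS.items():
        if token in ua:
            host = (ptr(ip) or "").rstrip(".").lower()
            # Whoever controls an IP block controls its PTR records, so the
            # name must also resolve forward to the same IP before it is trusted.
            if host.endswith(suffixes) and ip in addrs(host):
                return "verified"
            return "spoofed"
    return "unclaimed"
# Constructed sample data (documentation IP ranges, made-up hostnames).
SAMPLE_PTR = {"192.0.2.10": "crawl-192-0-2-10.googlebot.com",
              "198.51.100.7": "host7.example.net",
              "203.0.113.5": "crawl-203-0-113-5.googlebot.com"}
SAMPLE_A = {"crawl-192-0-2-10.googlebot.com": {"192.0.2.10"}}
SAMPLE_REQUESTS = [
    ("192.0.2.10", "Mozilla/5.0 (compatible; Googlebot/2.1)"),   # genuine claim
    ("198.51.100.7", "Mozilla/5.0 (compatible; Googlebot/2.1)"), # wrong PTR domain
    ("203.0.113.5", "Mozilla/5.0 (compatible; Googlebot/2.1)"),  # forged PTR, no forward match
    ("198.51.100.20", "Mozilla/5.0 (compatible; bingbot/2.0)"),  # no PTR at all
    ("203.0.113.9", "Mozilla/5.0 (Windows NT 10.0) Firefox/120.0"),
]

def classify_samples():
    return [verify_claim(ip, ua, SAMPLE_PTR.get, lambda h: SAMPLE_A.get(h, set()))
            for ip, ua in SAMPLE_REQUESTS]
```

Requests that come back `unclaimed` make no crawler claim, so they are left to the behavioural checks the report describes, such as honeytraps and JS challenges.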

The researchers further found that the bot activity peaked in late mornings and went on until 5 pm.

Murali Urs, Country Manager-India, Barracuda Networks, commented, “While analysing which Internet System Provider or Autonomous System Number has been the source of this bad bot activity, our researchers identified Indian mobile provider Airtel’s subnet ranges in the mix, as well as some of the big public cloud providers like Google Cloud, Amazon. This shows that even though the source of bots is international, it would depend on the bot and the site it is targeting.”

“With the holiday shopping season expected to continue in full swing till New Year, e-Commerce teams should start taking necessary steps to safeguard their applications against bad bots. They must install a well-configured web application firewall as a service solution and make sure that the application security solutions include anti-bot protection to effectively detect advanced automated attacks. E-Commerce websites should further turn on credential stuffing protection to prevent account takeover,” he added.
