
Netacea creates world’s first bot management open-source framework

June 2021 by Marc Jacob

Netacea, a bot detection and mitigation specialist, has unveiled the world’s first bot management framework. The Business Logic Attack Definition Framework (BLADE) sets the stage for shared understanding and knowledge among vendors, cybersecurity professionals and customers who are proactively tackling an increasing number of malicious bot threats. Available as an open-source framework, BLADE is based on extensive input from businesses, industry influencers and Netacea’s own in-depth research into threat group activities and bot attack cycles.

Netacea discovered that bots are composed of separate, specialised automated processes that work as one to infiltrate businesses. These bots take a modular approach to attacks and are programmed to overcome any challenge, such as CAPTCHA.

Netacea was able to detail the six stages of a scalper bot attack in the BLADE framework:

• Resource Development (Pre-Attack) – Adversaries build or obtain access to the infrastructure they will need to launch the attack (such as proxies to hide the true source of the attack).
• Attack Preparation – Adversaries start preparing the attack by creating accounts and aggregating them under a single point of control.
• Reconnaissance – Adversaries look for a specific item like a PS5 and the exact moment it becomes available.
• Defence Bypass – Adversaries might be challenged by defences, such as CAPTCHA, during any of the stages of the attack. If this occurs, the modular design kicks in: the defence is bypassed and control is handed back to the bot module managing reconnaissance.
• Attack Execution – When the item is identified as being available, the bot will automatically move on to executing the attack by purchasing the item.
• Post Attack – After the product has been purchased, adversaries will seek to bring it into their possession while bypassing any restrictions on one item per customer or address.

Once the attack stages for a scalper bot attack were confirmed, Netacea analysed the tactics, techniques and processes of other types of bot attacks and captured all automated bot threats and their lifecycles in a series of comprehensive kill chains.

Netacea’s research also uncovered that many organisations behind bots operate at a professional level, with consultants, help desks and highly specialised infrastructure providers accessible through covert forums. This has contributed to the easy availability of bots to bad actors from all walks of life.

