In the previous post, we looked at some of the benevolent uses of bots and how they help businesses increase productivity and build deeper relationships with their customers. In this post, we will examine the ways in which malicious bots are deployed to disrupt business operations for financial gain.
Malicious bots are programmed in a way that they can self-propagate as malware, in the process infecting host machines. Some of the common activities that malicious bots are used for are as described below:
- Exploit a user’s query for a file – say, a music or video file – to return links that redirect the user to download an infected file. When the unsuspecting user clicks the link to download and open the ‘requested’ file, his device gets infected.
- Often, bots are used to gather email IDs from various sources including social media platforms, business websites, and so forth to disseminate spam in bulk. Apart from sending out spam, these bots also spam websites by way of comments or feedback forms. They insert malware links or ads or simply direct a deluge of traffic to overwhelm the target websites.
- Bots are also used to verify stolen credentials – matching usernames with correct passwords. Once cyber criminals have correct username-password pairs, they use them to gain unauthorized access to user accounts and exploit these compromised accounts at will.
- Some bots are sophisticated enough to emulate human behaviour and ‘purchase’ tickets to popular events at scale. This automated ‘purchase’ makes the tickets unavailable to the genuine users. Often, these bots hold the tickets for checkout and never actually buy them. When they do purchase the tickets, this is with a view to resell the tickets at a higher price.
- A part of a larger network of infected devices – botnet – a zombie bot is an individual infected device. A botnet is often used to launch large-scale attacks – such as distributed denial of service (DDoS), where each zombie bot works in coordination with other zombie bots.
- The popularity of eCommerce is on the rise. Bots are misused to post fake reviews with a view to either tarnish or augment the image of a particular seller. Often, buyers read reviews before making a purchase. Fake negative reviews can tank the sales while positive reviews can improve the sales.
- One of the most common uses of bots is to log keystrokes, which enables cyber criminals to harvest personal information including passwords, credit card details and financial account details. This information is then used to scam people.
What makes it difficult to stop bots?
That said, along with the evolution of bots, mitigation techniques too are evolving. Today, mitigation solutions use a variety of techniques to stop bots. These include static analysis tools, behavioral analysis, challenges and rate-limiting.
Protecting against malicious bots
To prevent a bot attack, it is essential to learn about some of the telltale signs. These may include slowing down of internet access, undue increase in the online traffic, increase in popups, an unintentional outflow of messages, among others. Depending on the issues identified, appropriate bot mitigation solutions may be deployed.
The article has been written by Neetu Katyal, Content and Marketing Consultant
She can be reached on LinkedIn.