The Distil Research Lab released their latest threat research report called Mobile Bots: The Next Evolution of Bad Bots revealing that sophisticated bot operators now implement a new technique, leveraging mobile devices, to avoid detection and execute a number of nefarious acts.
This new attack method where perpetrators connect through cellular gateways targets a large variety of websites and apps simultaneously. Cellular gateways handle a huge volume of requests per minute, many of which are legitimate, making it difficult to identify and block criminal ones. Within some cellular networks, a single IP address can cater to more than 4,000 devices per day, making cellular traffic an ideal location for bots to remain undetectable. As mobile devices move through different cellular gateways, (based on device owners changing location throughout the day,) bots effectively change identities, carrying out acts that include web scraping, brute force attacks, competitive data mining, online fraud, account hijacking, data theft, spam and digital ad fraud.
Mobile bots by the numbers:
Sample size: Over 100 million devices
Number of mobile carriers researched: 6
Percentage of mobile ISP gateways used in bad bot attacks: 44%
Percentage of total bad bot traffic deriving from mobile devices on cellular networks: 8%
Percentage of mobile devices making bad bot requests on cellular networks: 5.8%
Average number of bad bot requests by each device per day: 50
Download your copy of Mobile Bots: The Next Evolution of Bad Bots.
About the AuthorMore Content by Edward Roberts