Research from Distil Networks reveals mobile as the new frontier for malicious bots
SAN FRANCISCO, CA – June 27, 2018 – Distil Networks, the global leader in bot mitigation, today released a new report titled, “Mobile Bots: The Evolution of Bad Bots,” based on analysis of over 100 million mobile devices on its networks. The findings suggest that sophisticated cyber criminals and bot operators now implement a new technique—leveraging mobile devices—to avoid detection and execute a number of nefarious acts. At this time, 5.8 percent of all mobile devices across six major cellular networks are used in such automated attacks and represent eight percent of all bad bot traffic.
This bad bot traffic is purposefully deployed against any business with a web presence to carry out acts that include web scraping, brute force attacks, competitive data mining, online fraud, account hijacking, data theft, spam and digital ad fraud.
Uncovered by the Distil Research Lab, the data reveals a new method by which perpetrators connect through cellular gateways to target a large variety of websites and apps simultaneously. Cellular gateways handle a huge volume of requests per minute, many of which are legitimate, making it difficult to identify and block criminal ones. Within some cellular carriers, a single IP address can cater to more than 4,000 devices per day, making cellular traffic an ideal location for bots to remain undetectable. As mobile devices move through different gateways, (based on device owners changing location throughout the day,) bots effectively change identities to make detection even more difficult.
Mobile bots by the numbers:
- Sample size: Over 100 million devices
- Number of mobile carriers researched: Six
- Percentage of mobile ISP gateways used in bad bot attacks: 44 percent
- Percentage of total bad bot traffic deriving from mobile devices on cellular networks: 8 percent
- Percentage of mobile devices making bad bot requests on cellular networks: 5.8 percent
- Average number of bad bot requests by each device per day: 50
“Mobile is the new frontier for bot operators, as they can perform highly advanced attacks while remaining hidden in plain sight,” said Rami Essaid, co-founder and chief product and strategy officer at Distil Networks. “Whether inadvertently downloaded through an email attachment, or embedded in a seemingly legitimate app, millions of consumers unknowingly carry malware on their devices that allows cybercriminals to conduct bot attacks, abuse and fraud. We have seen bot operators develop and enhance their techniques throughout the years, but the threat to mobile devices is real and growing, and can have detrimental consequences.”
To download the full report, visit: https://resources.distilnetworks.com/whitepapers/research-lab-mobile-bots
To view the Mobile Bots: The Evolution of Bad Bots infographic, visit: https://resources.distilnetworks.com/all-distil-blog-posts/infographic-mobile-bots-the-next-evolution-of-bad-bots
About Distil Networks
Distil Networks, the global leader in bot mitigation, protects websites, mobile apps, and APIs from automated threats. Fraudsters, hackers, and competitors use bots to commit online fraud, break into customer accounts, and gain an unfair competitive advantage. As the sheer volume, sophistication, and business damage of these attacks grow, bots put a costly strain on IT staff and resources. Only Distil’s unique, more holistic approach provides the vigilant service, superior technology, and industry expertise needed for full visibility and control over this abusive traffic. The Distil team pioneered bot mitigation in 2011, and has been leading the way ever since. With Distil, there is finally a defense against automated attacks that is as adaptable and vigilant as the threat itself.
For more information on Distil, visit https://www.distilnetworks.com/block-bot-detection/ or follow @DISTIL on Twitter.