February 25, 2021 by Jason Pittock | 8 min reading time

Bots are obedient little “beings”. When you give them a job to do and instruct them on exactly how to do it, they're off to the races to get the job done. Bots can easily imitate or replace the behavior of a human being. Whether they’re good bots or bad bots, they’re kind of like wizards when it comes to doing repetitive tasks.

how botnet attacks affect your business

While you can certainly use bots to your advantage, it's the bad bots you need to worry about. Check out some of the ways a bad bot attack can affect your business:

  • Click fraud-repeatedly clicking on your online ads
  • Stealing your data
  • Taking over your account
  • Committing transaction fraud
  • Performing web scraping

Bots are a cyber criminal’s best friend. Cyber attackers, villainous competitors, and other fraudsters make it a habit of sending bad bots over the internet to attack websites and perform other malicious tasks. It's not uncommon for unscrupulous competitors to use bots to engage in price gouging or selling out your entire inventory.

Nefarious individuals may use bad bots to attack a particular industry. Others unleash bots across a range of different industries. No one is safe from a click bot attack. On the off chance that you think web bot hits aren’t that big of a deal, bad bots impersonate activity on Google Chrome a little more than 55% of the time!

To help you get a better grip on click bot activity, we're going to take a look at 5 famous bad bots that brought big companies to their knees. 

Bad Bot #1 EarthLink Spammer 

EarthLink was once one of the largest internet service providers and the country. That designation made them a prime target for a massive spam attack. In 2000, a guy in Tennessee, along with about 50 other cybercriminals, used fake websites and domain names to send out over 1.25 million spam emails to unsuspecting victims. 

Here's how the bot attack scam worked. The spam emails promised free credit reports or free internet service, and they required users to submit their credit card information or other sensitive information to obtain a new account. With the promise of free goods, the emails required users to download software. Little did they know, the software contained viruses or Trojan horses that quickly infected the users’ computers. And in no time, the Tennessee man and his cronies were able to access private information that was stored on the user's computers remotely. 

The criminal then used the information to set up new spam accounts. He also sold accounts to other spammers. In the end, the scheme affected around 12% of the company's total email traffic over the course of a year. It cost the company a cool $4.1 million in lost profits. 

EarthLink learned a hard lesson about the risks of bad bots and now has a staff of people working full time on fraud and abuse cases. 

Bad Bot #2 Storm

In 2007, a nasty worm stormed its way through over a million computer systems. The infamous Trojan horse virus was dubbed the Storm botnet, and it was a highly successful operation. You may also hear references to it as the Storm worm botnet, Dorf botnet, or Ecard malware. It was one of the first peer-to-peer click bots that could be controlled from several different servers. 

The fraudsters were highly creative in their efforts to defraud users. It was named Storm because it tugged at people's heartstrings with subject lines that indicated hundreds of people were killed in a bad storm. As users opened their email program, they clicked on the link to get the details of the tragedy, and malicious malware infected their computers instantly. The risks of Storm included bank fraud, identity theft, and other crimes. 

Storm was a remotely controlled botnet attack that spreads through email spam. What made it so dangerous is that the virus displayed defensive behaviors that actively protected the botnet from attempts by security vendors and researchers who were trying to track and disable it. 

Bad Bot #3 3ve

If there's anything worse than a botnet attack, it's an entire family of interwoven bad bots created for botnet attacks. That's exactly what happened in 2016 when 3ve (pronounced eve) was discovered. 

What made 3ve so dangerous? It was a click bot that generated three different sub-operations that were connected together with the goal of perpetuating ad fraud. 3ve was responsible for infecting over 1.5 million computers and lots of servers that were generating fake traffic using click bots. 

This web bot, which was responsible for malware that counterfeited 5,000 websites, impersonated legitimate web publishers. 60,000 accounts from online advertising companies were affected, and cybercriminals walked away with large sums of money. 

3ve was largely able to evade detection, which made it even more dangerous. 

In 2018, Google, White Ops, and a bunch of other tech companies banded together in a coordinated attempt to shut down the bot attack. The group was ultimately successful in dismantling 3ve, and the perpetrators were identified, arrested, and indicted. It was a major victory in the area of ad fraud detection and crime. 

3ve Is a perfect example of not only how dangerous web bot hits can be, but also how difficult they can be to overcome. 

Bad Bot #4 Mirai

The word “mirai” means future in Japanese. The Mirai botnet attack, which was unleashed in 2016,  was named after the 2011 anime series Mirai Nikki on television. Initially, the software was used by the creators of Minecraft servers and other companies that offered DDoS protection to servers. All the while, these creators used Mirai to conduct a full-scale data protection scheme.

With that interesting tidbit aside, Mirai is a form of malware that turns smart devices into web bots that are remotely controlled by criminals as part of a large-scale network attack. The attack caught many people by surprise because it attacked everyday household items like IP cameras and home routers. 

The bots relied on the fact that most people weren't regularly changing their usernames and passwords. With free access to the device, Mirai could easily log into the device and send a virus racing through it. Something that makes this bot attack so dangerous is that the source code has been published and the original techniques have been adopted by other malware programs. 

The originators of Mirai were ultimately caught by the FBI and were held accountable. 

Bad Bot #5 Bad Bots and (Bad) Bias in Hiring Practices

It's fairly common for companies to have a bias in their hiring practices. When a recruiter sees someone in person, they often make judgments based on a job candidate's appearance. In our final example of bad bots, we can learn a few lessons from some past hiring practices of Amazon, Microsoft, and Google Translate. 

Men working in the tech space far outnumber women. At first glance, it appeared that women really didn't want to work at Amazon. Well, that wasn’t accurate after all. It turns out that Amazon implemented a hiring AI that translated data on the lack of women being hired as a fact that women just didn't want to be hired there. So, guess what? The AI immortalized a bias in its training data that downgraded resumes from female applicants. 

Google Translate had a similar problem. Its AI converted neutral pronouns to male pronouns in several languages. To make matters worse, the AI continued repeating the biases of its translated training content, using male pronouns in a positive context and using female pronouns in a negative context. 

In a different type of bias, Microsoft’s AI wasn't able to recognize dark skin tones in its facial recognition. As a result, dark-skinned job candidates never made it to the recruiters. 

Let's call it a “live and learn” situation for all three companies. 

Getting Ahead of the Bad Bots Trend

Millions of bad bots are floating around the internet at this very moment, and the risk gets greater all the time. 

Major tech companies are putting forth a strong effort to watch bot attack trends in an effort to protect their own systems and others from malicious attacks. They have a tough task ahead of them because click bots can do an incredible amount of damage in record time. Unless they get caught, cybercriminals are cashing in big time. 

Google uses machine learning to filter out bot activity on their ads and they use a manual review process to bolster their efforts, but buyer beware! It’s far from fool-proof. Some advertisers have enlisted the help of automated click detection programs with the aim of blocking clicks that are most likely from bad bots. 

If you know a little bit about click fraud, you may be able to manually block a fair number of bad bots that are impacting your ad campaigns. If you're looking for a cost-effective, easier solution, ClickGUARD shows you the benefits of using anti-click fraud software. In the interest of total transparency, ClickGUARD software doesn’t protect against all kinds of bad bots, but it's highly efficient when it comes to preventing click fraud. Contact us today!

Jason is a passionate data-driven specialist with extensive PPC & SEO experience. When not writing about SEM he can be found surfboarding the wildest ocean waves of the Argentinian coast.