Malicious Crawlers and Ticket-Grabbing Software: The Truth behind Cybercrimes
As consumers, perhaps everyone has had the experience of participating in flash sale activities on e-commerce platforms, but the results are often unsatisfactory - as soon as the flash sale time arrives, the goods are announced to be sold out. Some participants will blame their own insufficient reaction speed, while others will question the lack of sincerity of the platform. However, for network security professionals, the truth is often more complicated.
The phenomenon that discounted goods are sold out within 0.00001 seconds
is mostly caused by malicious crawlers. On the eve of the "618"
e-commerce festival this year, the security department of a well-known
e-commerce platform (it is said that the platform is JD.com) monitored that
some merchants were suspected of defrauding subsidy funds by means of false
transactions, involving an amount of more than 5 million yuan. After
investigation, it was found that some merchants frequently placed orders for
the specified subsidized goods under the instigation of intermediary companies,
but the actually delivered goods were mineral water. This kind of fraudulent
behavior was finally exposed by the police, and 61 suspects were successfully
arrested.
Another example occurred during the Double Eleven promotion in 2020.
E-commerce platform A launched a half-price flash sale activity for a
well-known product. The activity attracted a large number of real users to
participate, and at the same time, it also attracted the attacks of malicious
crawlers. The impacts of malicious crawlers on the platform include consuming
server resources, affecting user experience, and the goods being quickly
snapped up. For this reason, e-commerce platform A used the threat data
accumulated by the data shield of Knownsec to intercept known crawler IPs and
distinguish real users from crawlers through the human-machine identification
function. In addition, it also analyzed the logs during the peak traffic
period, updated the threat IP database, and finally set up intelligent speed
limits to resist high-frequency queries. Under this series of measures, most of
the malicious crawler traffic was successfully intercepted.
In just one year, the number of malicious crawlers intercepted by the
Knownsec Cloud Defense Platform was as high as more than 92.7 billion times,
accounting for 27.9% of the total annual Web attacks. Thus, it can be seen that
the current situation of malicious crawlers is already very serious, and great
attention must be paid to the protection against malicious crawler attacks.
With the arrival of the summer vacation, famous schools in Beijing,
Shanghai and other places have become popular destinations for family tourism.
However, due to the surge in visiting demand, the phenomenon of "it is
extremely difficult to get a ticket" has emerged. A company technician, Li
Moumou, developed a ticket-grabbing software. After Wang Moumou and Zhang
Moumou learned about it, they cooperated with him. They attracted tourism
practitioners by posting on the Internet and other means and set up a "ticket-grabbing
studio". They used the ticket-grabbing software to grab tickets in batches
on various online platforms and resold them to tourism practitioners at prices
ranging from 80 yuan to 150 yuan. In less than a month during the summer
vacation of 2023, the two studios illegally profited more than 300,000 yuan. In
order to improve the ticket-grabbing efficiency, the software was designed to
achieve a violent ordering mode, which seriously affected the normal operation
of the system. In July 2024, the People's Court of Haidian District, Beijing
sentenced 13 people including Li Moumou to fixed-term imprisonment ranging from
6 months to 4 years and 6 months and imposed a fine for the crime of illegally
obtaining data from a computer information system.
These three cases have revealed a fact: whether it is the college visit
reservation system or the subsidy mechanism of the e-commerce platform, they
may all become the targets for illegal elements to seek profits. In the face of
such criminal acts, relevant departments need to further strengthen supervision
and technical prevention measures to ensure that the public interest is not
violated and maintain good social order. With the development of technology and
the progress of society, the crackdown and preventive measures for such
criminal activities need to be continuously upgraded and improved to protect
the interests of the general public and network security.
评论
发表评论