Facebook Twitter Instagram YouTube LinkedIn
    Facebook Twitter Instagram LinkedIn YouTube
    Trending
    • IDS Alliance Raises Awareness of IAM Fundamentals with the ‘CISO Chronicles’
    • Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases
    • BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles
    • Security Automation Cuts Down Expenses and Saves Time for IT Teams
    • IBM Think 2022 – Embracing the Present, Preparing for the Future
    • A Game of Numbers: The Correlation Between Technology and Sports Betting
    • Software-based Enterprise Solutions for Navigating the “Too Much Information” Age
    • A Look At The Last Generation Of Internal Combustion Engines
    TechSpective
    • RSS
    • Facebook
    • Twitter
    • Google+
    • LinkedIn
    • Instagram
    • Pinterest
    • Technology
      Featured
      March 1, 20216

      Could Home Study Be Better for Education? Using Technology to Craft a Better Tomorrow

      Recent
      May 20, 2022

      Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

      May 20, 2022

      BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

      May 15, 2022

      A Look At The Last Generation Of Internal Combustion Engines

    • Reviews
      Featured
      March 4, 20211

      Dell’s UltraSharp 40 – Improving Work and Workplaces with Monitor Innovations

      Recent
      April 7, 2022

      Dell’s Latitude 5430 Rugged – Redefining the Extremes of Mobile Computing

      October 12, 2021

      Innovating Home Video Conferencing: Dell’s New 27 Video Conferencing Monitor – S2722DZ

      September 22, 2021

      Review: Intrusion Shield

    • Podcasts
    • Security
      Featured
      March 7, 20212

      Pandemic Unmasks Vulnerability to Automated Bot Attacks

      Recent
      May 23, 2022

      IDS Alliance Raises Awareness of IAM Fundamentals with the ‘CISO Chronicles’

      May 14, 2022

      Ransomware is Indiscriminatory – Prepare for Everything to Fail

      May 5, 2022

      Cybersecurity Myths that are Compromising Your Data and How to Address Them

    • Microsoft
      Featured
      September 12, 20201

      The Microsoft Surface Duo: The Communications Device for Those That Think Different

      Recent
      April 8, 2022

      AI and Why Windows 12 Could Be a Far Bigger Advance than Windows 95 Was

      October 11, 2021

      The Surface Laptop Studio: Building a Windows 11 Targeted Laptop

      August 28, 2021

      Why Microsoft’s Hardware Baseline for Windows 11 Is Important

    • News & Analysis
      Featured
      March 6, 20212

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      May 20, 2022

      BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

      May 20, 2022

      IBM Think 2022 – Embracing the Present, Preparing for the Future

      May 14, 2022

      Apple vs. Dell: Choosing Which Company to Work For

    • Business
      Featured
      March 6, 20212

      Fixing The World One Person At A Time: Cisco Networking Academy

      Recent
      May 20, 2022

      Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

      May 20, 2022

      Security Automation Cuts Down Expenses and Saves Time for IT Teams

      May 18, 2022

      Software-based Enterprise Solutions for Navigating the “Too Much Information” Age

    TechSpective
    You are at:Home»Security»Botnet»Beyond Stopping You from Buying Air Jordans, Sneaker Bots are Tying Up the World
    Jordans Yeezy Nike sneaker bots
    Image from Pixabay

    Beyond Stopping You from Buying Air Jordans, Sneaker Bots are Tying Up the World

    2
    By Sam Crowther on September 15, 2021 Botnet, Ecommerce

    We’ve all heard about the ultra-premium sneakers like Adidas’s Yeezy and Nike’s Air Jordans that sell out within minutes of a drop. But what you probably haven’t thought about is the havoc Sneaker bots are wreaking not only on sneaker companies, but on the entire eCommerce industry.

    Sneaker bots (aka Scalper bots) are infamous for purchasing extremely limited items by using automation for speed and volume. These bots clear out digital inventory and expedite the online checkout process the millisecond a sneaker or other highly demanded product drops. Automation enables collectors, resellers, and DIYers to scoop up inventory of limited-edition products faster and in larger quantities than is humanly possible.

    Sneakers have become an asset class similar to stocks and cryptocurrency, and trade on a variety of reseller platforms for investors to make lucrative profits. A Piper Sandler spotlight on StockX estimates the sneaker resale market is worth an estimated $10 billion in 2021 in the U.S. alone.

    However, sneaker bots are also being used to scoop up other in-demand merchandise and services, such as gaming systems, concert tickets, consumer electronics, luxury apparel, hotel rooms, and even vaccines. Last year, bots accounted for at least 20% of traffic to eCommerce sites, but that percentage soars to 99% in some cases when it comes to new sneaker drops. Sneaker bots are also known to hoard inventory in online shopping carts without checking out. This is usually conducted so retailers appear to be sold out of an item, forcing consumers to go to a reseller to find what they’re looking for and pay 2-5x the retail price.

    Sneaker Bots’ War on eCommerce

    There are several ways that sneaker bots negatively affect the customer experience, which in turn, has detrimental consequences for a business’ bottom line:

    • Damaged brand reputation: When bots scoop up all your inventory (or even just make it look that way through inventory hoarding), it hurts your customer experience.
    • Loss of revenue: Due to inventory abuse, you don’t get to create new customers (and possibly evangelists) or service customers with whom you already have a relationship, impacting their loyalty to your site and your ability to establish consumer preference.
    • Increased infrastructure costs: If you’re dealing with automated traffic to your site, you’re paying for bandwidth and infrastructure costs (and the human resources to support them) that aren’t necessary thanks to automated bots. In some cases, the cost of processing bad bot traffic can exceed the profit margin of the item being sold.

    While sneaker botting may seem unfair, it’s completely legal. At the same time, it creates frustrated shoppers and retailers alike. As a result, bots are often in violation of eCommerce providers’ terms of service. To combat sneaker bots, retailers resort to lotteries and waiting rooms, where shoppers have to take a number to complete a purchase or registration. But even waiting rooms and ticket numbers can be exploited at scale. What appears to be multiple legitimate customers signing up all at once are really more sophisticated bots, more often than not.

    Who are the Sneaker Bot Players?

    There are generally three types of sneaker bot players:

    • Collectors who simply want to beat the competition and win their coveted pair of kicks for themselves at any cost.
    • Resellers who want to snag as much quantity as possible and jack up the resale prices for a quick profit with built-in demand. They may be reselling on auction sites or through their own online shop.
    • DIYers who are attracted to the potential to make money through the use of cheap bots and plugins. They join online communities and Cook groups for advice and purchase bots-as-a-service to grab inventory.

    Three Types of Sneaker Bots

    All-in-One (AIO) Bots:

    To target more than one site, operators deploy all-in-one bots, which automates the entire purchase. For example, AIO bots can seek out new inventory, add it to the cart, and check out, all in less than 0.2 seconds. Real shoppers simply cannot compete.

    Not only can they make automated buys, but they can also keep up with updates to shopping cart procedures in order to work around bot detection and mitigation solutions. These bots work around the clock, shopping all over the world to score kicks and other in-demand merchandise. There are lots of AIO bots to choose from, such as Prism AIO, Torpedo AIO, geographic-specific AIO bots such as EU-focused Burst AIO, and many others.

    Monitor Bots:

    Specifically built for automatically scanning and scraping information, monitor bots seek out new releases, pricing, and stock availability. Once identified, the bots send an alert with the relevant information to their operators, as well as to other bots such as AIO bots. A subset of this type of bot is known as a Footprinting bot, which probes for online inventory that might not be public yet, scoring stock a human being could never find before its release.

    Specialized Bots:

    Some sneaker bots are optimized for a single brand, the most popular being Nike, Supreme, and Adidas Bots. Like AIO bots, these specialized bots continuously update their approach to work around detection. There are also bots designed to work with specific eCommerce platforms such as Demandware or Shopify, which host dozens of sneaker websites, as well as Footsites bots that target four popular sneaker websites (Footlocker, EastBay, ChampsSports, and Footaction).

    Beating Bots at their Own Game

    To fight sneaker bots, eCommerce companies need a modern anti-bot solution that stops bots from even getting into companies’ infrastructure in the first place and makes it financially unviable for them to operate. But how?

    For starters, put faith in an architectural approach that relies on zero trust and assumes all requests are guilty until proven innocent. This no-rules method can stop bots without having to inspect behavior or device and network attributes, including those never seen before.

    Second, removing the economic incentive at the heart of the sneaker bot model does wonders to stop them cold. This can be accomplished through an asymmetric cryptographic proof-of-work challenge that exhausts the compute resources of automated attacks, wrecking their ROI and making it too costly to continue.

    Last, because bots are constantly updated, another way to strike back is to make it difficult for bot operators to retool and reverse-engineer defenses or even to build new bots that can bypass detection. This can be done through resilient obfuscation instead of open-source tools, such as using techniques that dynamically change, frustrating bot operators.

    The bottom line is that when it comes to automated technology like sneaker bots, the best way to fight them is also through automated technology, and these three approaches together help beat bots at their own game.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous Article5 New Tech Gadgets You Should Have at Home
    Next Article Salesforce Reacts to Texas Law Change – Why you Should Follow Their Lead
    Sam Crowther
    • Website

    Sam Crowther, founder and CEO of Kasada, is an entrepreneur with a passion for cybersecurity. He got his start in the industry as a high school student when he joined the cybersecurity team of the Australian Signals Directorate (ASD). From there, he moved to a red team role at a global investment bank, an experience that inspired him to start his own company. With funding from leading U.S. and Australian investors, Crowther launched Kasada in 2015 to provide innovative web traffic integrity solutions to companies around the world. Based in New York and Sydney, Crowther loves creating simple technical solutions to complex problems and is motivated by challenging preconceived ideas and beliefs in order to have a positive impact on the world.

    Related Posts

    Largest Botnet Malware Highlights Need for Breach and Attack Simulation

    FinTech Trends to Watch Out for in 2022

    5 Tech Investments Your Business Should Make

    2 Comments

    1. Pingback: Beyond Stopping You from Buying Air Jordans, Sneaker Bots are Tying Up the World - Shoe Biz News

    2. Pingback: Beyond Stopping You from Buying Air Jordans, Sneaker Bots are Tying Up the World - TechSpective - Domain & Web

    Leave A Reply Cancel Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    Site Sponsors
    Intel
    DevOps.com
    Adobe
    PopSpective
    • Technology
    • Popular
    • Top Reviews
    May 20, 2022

    Building Digital Accessibility: AI Requires Human Oversight to Cut Down on Algorithmic Biases

    May 20, 2022

    BlackBerry Ivy: Enabling a New Age of Electric Secure Autonomous Vehicles

    May 15, 2022

    A Look At The Last Generation Of Internal Combustion Engines

    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    9.7
    November 16, 2018

    Review: BlackVue DR900S-2CH Vehicle Dash Cam

    9.5
    September 2, 2015

    Review: Microsoft Band

    May 27, 2014

    Protect your family photos with ScanMyPhotos

    PopSpective
    Popular Posts
    9.0
    July 14, 2016

    Review: Lenovo Yoga 900S

    9.5
    March 2, 2015

    Review: Asus Zenbook UX305 ultrabook

    8.0
    February 9, 2015

    Review: Burg 12 smartwatch

    Adobe
    Adobe
    Adobe
    Adobe
    • RSS
    • Facebook
    • Twitter
    • Google+
    • LinkedIn
    • Instagram
    • Pinterest
    About

    TechSpective covers technology trends and breaking news in a meaningful way that brings value to the story, and provides you with information that is relevant to you. We offer in-depth reporting and long-form feature stories, as well as breaking news coverage, product reviews, and community content in plain English terms, and with a unique perspective on technology.

    PopSpective

    © 2020 Xpective, Inc.

    • About
    • Privacy
    • Advertise
    • Subscribe
    • Contact
    © 2021 Xpective, Inc.
    • About
    • Privacy
    • Advertise
    • Subscribe
    • Contact

    Type above and press Enter to search. Press Esc to cancel.