Companies across industries are seeing more bot-driven attacks, both basic and advanced, according to DataDome. An analysis of over 14,000 websites uncovered alarming gaps in protection against cyber fraud, particularly within consumer-centric industries. E-commerce and luxury industries are prime targets for cybercriminals More than 65% of websites are unprotected against simple bot attacks, and 95% of advanced bot attacks go undetected on websites. Consumer-centric and digital native industries are prime targets for cybercriminals and have … More → The post 65% of websites are unprotected against simple bot attacks appeared first on Help Net Security.
“According to DataDome”. A company who sells that as a service.
More likely, they just don’t have any obvious protections that DataDome’s lazy engineers could identify. They probably just checked IP ranges to see if the services were proxied by DataDome, Cloudflare, or another such service.
I don’t trust anything DataDome says, because they are a known shitty service. They will arbitrarily block users, intercepting their requests to show a captcha page. Then, after the user correctly solves the captcha, they are directed to a page which reads simply “You have been blocked.” There is a fake contact form at the bottom of the page, which submits appeals into a black hole.
Here’s an example of the block page. This user is connecting from a proxy, so the block is expected, but DataDome is known to block residential IP addresses arbitrarily.
Given the rates with which bots scan things, that number seems pretty ridiculous, especially coming from a bot scan company.
Not that it isn’t a big number, though. And new holes come up regularly.