What a real Sneaker Bots attack looks like: A Deep Dive
In our last blog, we talked about sneaker bots – what they are and what drives them.
In this blog, we will explore how they work, what tools and methods they use and what a real attack looks like. Last but not least, we will look at the damage they cause and how to protect your e-commerce website from them.
The Tools and Tricks of Sneaker Bots
In the early days, using tech to “cop kicks” required actually building a stack of tools. You needed a scraper to pull in the information, pricing and inventory, and then a bot for automating purchases. You didn’t have to worry about making multiple tries from the same IP address because retailers were only waking up to the bot problem. This has evolved considerably.
Today, so-called all-in-one (AIO) bots perform scraping, automated purchasing and scheduling. Their systems are designed not only to find inventory and click “buy,” but also to constantly evaluate shopping cart processes and update whenever those processes change. Increasingly, too, AIO tools incorporate steps to outsmart bot solutions and evade detection. The best AIO bots can target dozens or hundreds of stores, allowing a single user to literally scour the globe for sneaker deals. After purchasing the tool, sneaker bot operators usually can install a browser extension to activate the bot.
CyberAIO home page advertising its speed and showing its “sold out” status
The Tesla of sneaker bots is a tool called CyberAIO by Cybersole. Designed with a beautiful User Interface, CyberAIO is also a technically sophisticated product. Built ostensibly on top of a headless browser – a stripped-down version of a standard web browser – CyberAIO has loads of features that allow its operators to simultaneously target numerous sites and sneaker drops. CyberAIO users simply pick the sneakers they want to buy from a menu of upcoming drops, set a budget, and then sit back. CyberAIO covers over 170 sites, including not only sneaker retailers but also brand sites and streetwear companies like Supreme – another company that uses limited release items to drive awareness and brand perception. And CyberAIO just came out with Android and iOS versions of its software.
The bot acts autonomously. CyberAIO gets around the standard bot-blocking CAPTCHA tools by queueing up multiple CAPTCHA windows and allowing the human bot operator to quickly answer them, providing verification that allows the bot to complete the transaction. CyberAIO has a reputation for being incredibly fast. This is crucial because, in reality, it is competing more against other types of bots than against humans.
Just like most popular SaaS tools, CyberAIO has a community of thousands of users in Slack and its own Discord channel where users can share tips and expert users provide support. Getting CyberAIO is almost as hard as buying a pair of Travis Scott AJ OGs. The bot’s shadowy creator sells no more than 100 licenses per month at a price of over $300 apiece plus bi-annual subscription fees. Ironically, there is a hot secondary market for CyberAIO licenses which can be sold for nearly $3,000.
Oculus AIO tool marketing page advertising automatic CAPTCHA solver
Another popular AIO sneaker bot, OculusAIO, actually provides artificial intelligence features to help its bots navigate security measures. It can automatically solve simple CAPTCHAs, circumventing that security measure. A quick Google search turns up dozens of sneaker bots, and the major ones, like Cybersole and OculusAIO, have tens of thousands of public Twitter followers. They are not afraid to poke fun at those who try to block them, and their users like to publicly celebrate their kicks conquests.
Tweet from a CyberAIO user showing hot shoes bought with the bots
Another technology tool that smarter bot operators frequently pair with bots is advanced proxies. A proxy is basically an intermediary that sneaker bot operators use to hide their identity. Proxies supply sneaker sites with a variety of different IP addresses. A commonly used one is AU Proxies. These proxy services are also not technically illegal even though they are often used for malicious hacking attempts. Note that proxies are also a key tool for protecting privacy in countries with repressive governments.
Twitter page of popular proxy provider AU Proxies
More advanced proxies today not only act as intermediaries but they also use IP addresses assigned to residential Internet connections to trick bot mitigation tools into allowing multiple connections from the same bot operator behind the proxy. Because a residential IP is more likely to be a real shopper rather than a bot, sneaker sellers are reluctant to introduce friction into the sales process and so are less likely to require a CAPTCHA solution or to block traffic from this IP. Residential proxies sell for two to three times the price per month of non-residential proxies that use cloud server IP addresses from public compute clouds and hosting services. For both residential and data center proxies, CyberAIO, OculusAIO and other AIO bots can help a user test and configure proxies, and will check to make sure they are working well.
Pricing plans for residential proxies on AU Proxies page
Anatomy of a Sneaker Bot Attack
Attackers receive early guidance on which targets might be the most valuable from online exchange websites that post prices for upcoming sneakers not yet released. Once their targets are clear, a bot operator begins testing out a target site a few days before a major sneaker drop to make sure they can solve any challenges directed at them by the site operator trying to prevent bots from buying up the limited inventory. Unfortunately, this early testing is difficult to detect; it represents a minute amount of traffic and is hard to distinguish from legitimate traffic.
Prior to the shoe launch, malicious traffic by bots is generally well below legitimate traffic. Once a hot sneaker drops and the bot armies swing into full gear, that ratio reverses; malicious traffic can be twice or three times the volume of legitimate site traffic. This traffic quickly drops off after inventory is exhausted and the bots move on to other targets.
Let’s look at sneaker bot activity from a traffic standpoint. In the graph below we see the traffic from two shoe releases on November 2nd from multiple well-known shoe retailer websites. The first shoe was the Adidas soft version of Yeezy 500’s, and the second one was the Nike Air Jordan 1 Retro High OG “Fearless.” The red line shows the unwanted sneaker bot traffic, while the blue line represents the human traffic.
As can be seen on the graph, the Nike Air Jordan 1’s that were launched at 7:00am were much more popular, getting 3X the traffic that the Yeezy 500’s saw at the peak. During the launch time of both shoes the sneaker bot traffic ranged between ~55-68% of the total traffic.
For both shoes, resell items appeared online quickly and at much higher prices.
Adidas Yeezy’s 500’s resale example:
Nike AJ1 Fearless resale example:
Looking carefully, one can also recognize third and fourth spikes in traffic. These are the result of a restock notification from various different monitors. Here is the third spike trigger, at 8:58 am:
And this one triggered the fourth and smaller one at 1:42 pm:
These later spikes are harder to see and not as pronounced as the first two. The reason is that those restocks were unexpected, so the larger bot operators did not have enough time to prepare, as it takes time for a single computer to spin up a network of proxies and co-locations.
Another thing we can see when taking a closer look at the traffic is the clear difference in the traffic pattern between bot traffic and human traffic. In the graphs below, we see the traffic a day before the launch, just before it starts to spike up. As we usually see when comparing automated traffic to human traffic, it is pretty clear that while human traffic tends to grow during daytime hours and drop at night, the unwanted automated bot traffic doesn’t show this pattern.
This is typical of this type of automated traffic – sneaker bots don’t go to sleep.
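The day/night contrast described above can be turned into a simple screening check. The following is an added example, not PerimeterX code: the log format, the segment labels (standing in for however a site already groups its clients) and the thresholds are all assumptions, and the log lines are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta
import re

# Assumed log format for this example: "<ISO timestamp> segment=<label> path=<path>"
LINE_RE = re.compile(r"^(?P<ts>\S+) segment=(?P<seg>\S+) path=(?P<path>\S+)$")
DAY_HOURS = range(9, 21)   # assumed daytime window, shop-local time
NIGHT_HOURS = range(1, 6)  # assumed overnight window, shop-local time


def parse(lines):
    """Yield (hour_of_day, segment) per well-formed line; skip anything else."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        try:
            ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue  # timestamp field present but not a valid date
        yield ts.hour, m["seg"]


def hourly_profiles(lines):
    """Map each segment to a Counter of requests per hour of day."""
    profiles = defaultdict(Counter)
    for hour, seg in parse(lines):
        profiles[seg][hour] += 1
    return profiles


def diurnal_index(profile):
    """(day - night) / (day + night) on mean hourly volume.

    Close to 1: traffic that sleeps at night. Close to 0: flat, round-the-clock.
    Returns None when the segment has no traffic in either window.
    """
    day = sum(profile[h] for h in DAY_HOURS) / len(DAY_HOURS)
    night = sum(profile[h] for h in NIGHT_HOURS) / len(NIGHT_HOURS)
    if day + night == 0:
        return None
    return (day - night) / (day + night)


def flag_flat_segments(lines, max_index=0.3, min_requests=200):
    """Return {segment: index} for busy segments with no day/night rhythm."""
    flagged = {}
    for seg, profile in hourly_profiles(lines).items():
        idx = diurnal_index(profile)
        busy = sum(profile.values()) >= min_requests  # ignore low-volume noise
        if busy and idx is not None and idx < max_index:
            flagged[seg] = round(idx, 2)
    return flagged


def traffic_share(lines, segments):
    """Fraction of all parsed requests that came from the given segments."""
    profiles = hourly_profiles(lines)
    total = sum(sum(p.values()) for p in profiles.values())
    hits = sum(sum(profiles[s].values()) for s in segments if s in profiles)
    return hits / total if total else 0.0


def build_sample_log():
    """Constructed one-day log: a diurnal, a flat, and a tiny flat segment."""
    start = datetime(2019, 11, 1)
    shapes = {
        "seg-a": [2, 1, 1, 1, 1, 2, 5, 10, 16, 20, 24, 26,
                  28, 27, 25, 24, 22, 22, 20, 18, 14, 10, 6, 3],
        "seg-b": [15] * 24,  # same volume at 3 am as at 3 pm
        "seg-c": [1] * 24,   # flat too, but too small to judge
    }
    lines = []
    for seg, counts in shapes.items():
        for hour, n in enumerate(counts):
            for i in range(n):
                ts = start + timedelta(hours=hour, minutes=i)
                lines.append(f"{ts:%Y-%m-%dT%H:%M:%S} segment={seg} path=/product/1")
    lines.append("truncated line with no fields")               # skipped
    lines.append("2019-13-40T00:00:00 segment=seg-a path=/x")   # bad date, skipped
    return lines


if __name__ == "__main__":
    log = build_sample_log()
    flat = flag_flat_segments(log)
    print(flat, round(traffic_share(log, flat), 2))
```

A site with shoppers in many time zones should compute the index per region, since a global audience flattens the aggregate human curve as well.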
The Real Costs of Sneaker Bots
We discussed above how sneaker bots harm regular online shoppers and sneaker lovers by jacking up the prices. They also hurt the brands which dislike seeing their shoes go for such high prices on secondary markets. The bots harm the independent sneaker shops as well, because they force them to take extreme steps to protect their online inventory.
Launch Day Failures, Jacked Up Bandwidth, Lost Sales
More broadly, sneaker bots can cost large and mid-sized internet retailers and shoe brands big money in a variety of ways. To start with, bots suck up huge amounts of bandwidth and can actually take a site down on sneaker launch day. This could cost a large retailer millions of dollars per day because the bot operators may make an entire site unavailable, shutting out buyers not only of the hot sneaker but also of any other item on the site. This forces retailers and brands to spend big money for CDNs, extra server capacity and extra bandwidth to handle the crush.
Wasted Employee Time
Security, web operations and site reliability teams of retailers and brands often spend hours combatting the effects of rampant sneaker bots. This can mean reconfiguring cloud services, dialing up and down bandwidth, tweaking firewall configurations and server capacity, creating special scripts to lock out bots and more. In reality, maintaining and tuning all the tools and infrastructure required to stop bots would also require multiple full-time employees, and retailers would still struggle to keep up with rapidly improving sneaker bots. In addition, support teams often waste time dealing with angry legitimate customers on social platforms complaining that they couldn’t buy the shoes they wanted. All told, bots can suck up dozens of hours of staff time per sale. That’s time which could be spent on other more impactful and less reactive activities.
The Benefits of Outsourcing Sneaker Bot Protection
There are numerous benefits to using a specialized bot mitigation service to monitor and block sneaker bots. Rather than struggling to keep up with all the rapid advances in bot technology in-house, relying on a specialized bot mitigation firm will afford retailers and brands more comprehensive protection because the firm’s dedicated team will be better able to keep up with bot developments. The firm, too, can share that requirement across a wide variety of customers, all of whom will benefit from the collective intelligence gathering; any new capabilities showing up in sneaker bots will be detected sooner and mitigation improvements can be implemented more quickly.
At PerimeterX, we have a long history of working with retailers facing sneaker bot attacks and we are constantly watching developments in bot technology. With the holiday season upon us, and the sneaker market growing both more liquid and more lucrative just as bots are getting faster and ever-more sophisticated, the winter sneaker drops could cause a botpocalypse for unprepared retailers and brands – unless they get ahead of the curve on sneaker bots and make sure their Travis Scott Air Jordans don’t get the rapid-fire CyberAIO treatment.
The Best Guide to Sneaker Proxies You’ll Ever Read – IPv4 …
The online world has evolved greatly over the past two decades. Ever since technology was created to process credit cards (not so securely) online, the internet has been booming. Seemingly, every day, there’s something new and cool to find. Whether you’re looking for that brand-new espresso maker or need to hire a freelancer to get a project done, the digital world has got you covered every step of the way (for the right price of course). Now on to the goods: Sneaker proxies, what they do, how they work and why you’re likely in need of one if you came to this page.
Read on to learn more.
At IPV4 Depot, we offer unlimited IP rotations out of massive IP pools with dedicated regional datacenters that eliminate this hassle. Find the sneaker proxies you need today!
First things first. What the hell is a sneaker proxy? A sneaker proxy is aptly named after the slang term for popular tennis shoes, aka “sneakers.” Its original design was to enable the buying of multiple pairs of limited-edition shoes online, but these same proxies can also be used to trick the system and get more likes on social media, buy multiple pairs of concert tickets, and can be furnished for numerous other practical, if not semi-unethical, ecommerce operations that work in your favor. In reality, a sneaker proxy is a fancy term for a way to host multiple IP addresses. It gives users a way to access multiple products, like tickets for a show, or (hint-hint) multiple pairs of limited-edition Air Jordan specials where only one purchase per customer is allowed.
Let’s say you were trying to get your hands on a fat stack of the next batch of Rolling Stones tickets to hit town, so you could resell them for a handsome profit, something frowned upon by vendors like Stub Hub. A sneaker proxy would be your only way to obtain more than the individual allowed amount. That’s because a sneaker proxy would mask your actual IP and let you use multiple IPs to buy as many tickets as you wanted, without risking a ban or a cancelled sale. Naturally, human beings can only work so proficiently, so the ideal pairing is a sneaker proxy with an automation bot; almost like a glass of fine red wine with a nice NY strip. But we’ll get to that later.
Before you can have a sneaker proxy, you’ll need a sneaker server. “Great,” you’re probably thinking, “this really mucks things up.” If you want to beat websites at their own game by gaming the system, you’ve got to bring your A-game. Sneaker proxies have to be powered (to be useful) and that power comes from a dedicated sneaker server. A sneaker server is going to be your central hub for creating sneaker proxies. Without it, there isn’t a way to get the proxies you need.
A sneaker server helps you by working with the proxies you are using. Good sneaker servers come with nearly unlimited bandwidth and offer plenty of RAM to keep the engine chugging along from purchase to purchase. You’ll want something fast and reliable, too, because your primary goal is to get the things you want using sneakers and then log off undetected. This way, you’re all that much richer and the seller or sellers are none the wiser that there may be middleman antics taking place.
It’s important to note that a good sneaker server is versatile and can work alongside your desktop or mobile device. This is ideal for when you’re on the go and get that sudden Google alert that your favorite concert tickets went on sale, or that an Instagram model you’re promoting suddenly needs 500 likes sent her way on a new post… or else (you don’t get paid). One last note about sneaker servers is that they work with the best sneaker bots on the market, allowing you to create a fully automated and programmable campaign that gives you the upper hand in any limited buying scenario you might come across online; even if you do it from your mobile device while eating lunch.
You can’t be a sly fox without being slier than the rest of the pack. Here’s where a sneaker bot enters the equation.
What is a sneaker bot and how can it help you notch serious wins online? Well you should already be familiar with bots if you’re using any sort of online service. They exist everywhere with the most popular and commonly used version being a chat bot. But sneaker bots are quite different than this.
Sneaker bots connect to your dedicated sneaker server and use your sneaker proxies to automate the buying process in a method that – when properly designed and implemented – is nearly undetectable and far more streamlined than any sluggish human touch could ever hope to be. Bots use the power of your sneaker server, combined with the cloaking of your sneaker proxies, to eliminate the human condition from your process. That’s pretty slick, Rick.
There are countless types of sneaker bots out there that you can consider adding to the equation to make your efforts… well, seemingly effortless. One such bot is called the Better Nike Bot (note the parodical name). Yet another multiuse sneaker bot is called the Airbot. Both serve a similar purpose, and both offer robust features and sweet, sweet automation.
With sneaker bots, like the Better Nike Bot, you can careen ahead of other, eager, human shoppers or social media likers with its auto CAPTCHA solver. You know, those annoying puzzles that you’re forced to solve to prove that you’re “human” … well those are a nonissue thanks to new bots and their automation and technology.
Even better? Many bots have high success rates with solving these lame CAPTCHA puzzles, too, with most boasting 98% success rates or better. So, if you do decide to bot your sneakers, make sure the bot you use works with your dedicated sneaker server, your sneaker proxies and your mobile device, and that it can automatically solve these superficial CAPTCHA puzzles with ease.
So… you got yourself a nice sneaker bot and dedicated sneaker server and you’re ready to go to town online and get those limited-edition shoes, high-demand tickets or what-have-you. You’re going to want to slow your roll, though, grasshopper, and really rethink adding sneaker proxies to the mix first.
Here’s why:
Without a sneaker proxy, you’ll just be pinging the server with the same detectable IP address numerous times. When this happens, it will be obvious that you are trying to trick the system. The website you’re attempting to trick will automatically shut you down and often this will result in a block on the IP of your dedicated sneaker server. This means you won’t have that slick pair of new shoes (or seven additional pairs to sling for serious bling on eBay afterward); and you won’t have meet and greet tickets to the Stones (in every city); and your Instagram influencers will stop paying you because your likes won’t count.
You can avoid this calamity by getting a little geeky. This geekiness is found in a Star Trek-like cloaking device for your server and your little bot buying friend. It’s found in the form of sneaker proxies, which cloak you like the U.S.S. Enterprise-D (yes the Federation in the future allowed experimentation with cloaking, look it up) and make your real IP undetectable while giving you loads of fresh, unique and real IPs that you can use instead. Now your closet can be filled with new Air Jordans, or your wallet can be thick with the cash you made from hustling them afterward. The choice is yours, but at least you’ll have a choice.
But… the trick is in making your sneaker proxies work. If you don’t know what you’re doing, they’re not going to be doing you any favors and you’ll still end up getting blocked or banned. So here’s what you need to look for.
There is no such thing as a $1 burger that tastes good or is even remotely good for you. So how good do you think a free burger would taste? McDonald’s tosses their unused, ready-to-eat $1 burgers once per hour into the dumpster. Now imagine grabbing that thing out of the smelly dumpster and telling yourself, “Hell yeah, this is free!” and chowing down. Sometimes free isn’t the best option. When it comes to your proxies, free is almost always a no-no and can sometimes lead to a disastrous mistake. But why?
One reason is that hackers like to host free sneaker proxy galleries and often host public proxies that are free, too. They’re not trying to help you. Rather, you’re helping them in the form of bitcoin mining, stolen identity or even stolen purchases (say goodbye to those Yeezy’s). So, unless you are fond of all these bad things, or if you just love eating burgers from the trash can, steer well clear of free proxies of any type.
Even if you do happen to find a legit free proxy, the chances of it helping you are slim to none. One reason is that most free proxies are slower than my 96-year-old grandma is behind the wheel of her ’82 Caddy. Another reason is that most of these so-called “free” sneaker proxies have been well documented by major ecommerce stores and social sites, effectively rendering them, and all the IPs they serve, useless for your cause. Case in point: There’s no such thing as a free lunch, unless you’re eating from the garbage.
Now that you know free isn’t good, another thing you need to know about are rotating sneaker proxies. Since a proxy will mask who you really are, you’re one step closer to making all the limited-edition purchases you like. But unless it’s a rotating proxy, it will still display the same static IP address, keying the server you’re buying from that you’re the same person. That is, unless (drum roll please), you use rotating sneaker proxies.
A rotating proxy renews its IP address every so often (usually every 10 minutes or so, depending on the premium plan you have). When it does this, it assigns you a new IP. You can then use that new IP to make new purchases, take new actions, get new likes and so forth. You can take things a step further by batching packages of proxies and self-rotating them. This little bit of elbow grease will go a long way in fooling any server you’re buying from into thinking that you, and your other 20 proxies, all deserve a new pair of those limited-edition kicks. Lucky you.
Your proxy and server location matter because of digital latency. If your proxy is hosted in one region but your server is hosted in another, you have annoying lag that will affect the speed of your purchases and the efficiency of your sneaker bots. Even one-tenth of a second in latency can result in you missing out and not securing your ten well-earned spots in the line. At IPV4 Depot, we offer hosted VM solutions that connect to major cellular networks that allow you unlimited IP rotations out of massive IP pools with dedicated regional datacenters that eliminate this hassle.
The country of origin is a critical element to a sneaker proxy working in your favor. Sure, you can save a few bucks buying a proxy or a proxy package in a land far, far away. But it won’t do you any favors and puts you in the same boat, or nearly, as someone who’s looking for a free proxy. Free isn’t good. Cheap isn’t much better. And if you’re not using a proxy from a legitimate origin, you won’t be getting those shoes you wanted. It’s that cut and dry.
The only thing greed ever did was break the old man’s back. In your head, you might imagine how much money you’ll make profiting off those limited-edition shoes you just hustled 20 pairs of. This might tempt you into flooding purchases or requests into the host server. But the result won’t be what you envisioned, and most often your purchases will be blocked.
Instead, take your time configuring your sneaker bot, limit your requests to something realistic, set reasonable breaks and let the sneakers slowly flow into your mailing address. Do this, and you won’t get banned by the server you’re shopping on.
All ecommerce sites are different. Some require more navigation than others do. Some don’t. Knowing exactly where to direct your sneaker bots is helpful when trying to skip to the front of the line over and over again. Some due diligence on your part will go a long way for your wardrobe and your profit margin when reselling those hot shoes or tickets, etc.
Make sure you test the payment methods that you’re going to use before you race to suck. If you’ve dedicated a new credit card with a sweet limit just for these large-ticket purchases (which is a crafty plan that can help you get even more pairs of new kicks that you can later markup and resell), kudos. But if you haven’t activated that card, tested it on multiple purchases and made sure that it won’t get flagged for fraud on card-not-present online transactions first, you’re racing to suck.
Rather, test your card out. Make sure you have the limit that you need for these next purchases. Contact your credit card provider and let them know you will be making multiple larger purchases for your wardrobe in the near future and to not flag the charges. Think ahead of the game, and you’ll be sitting pretty when your orders go through as planned; and when your credit card issuer honors the payments instead of flagging the purchases.
It’s safe to say that most of us hate ads. Unless, of course, it’s an ad for that new pair of shoes you’re craving. The point here being that you want to avoid, at all costs, proxies that feature ads. One reason is that ad-prone proxies are generally free (see above for why this is a no-no). Another reason is because ads create massive lag with proxies. Typically speaking, you have mere seconds to secure your spot in electronic line to get those new sneakers. If you’re being frugal and using proxies that serve ads, this won’t be a reality for you. But you might see a cool ad for the sneakers you almost purchased.
Speed is the name of the game when it comes to proficiency with sneaker proxies. Lots of people want to use proxies, but few of them actually know how to test the speed of them. But we’ll let you in on a little secret: there’s a simple way to test proxy speed by using a proxy harvester called Scrapebox.
Among many of its features, Scrapebox offers these:
Multi-Threaded Connections
Filter by Country
Filter by Port
Filter by Speed
Add Custom Sources
Classify Sources
Custom Testing URL
Auto Save
Automator Support
Unless you want your identity stolen and sold to the highest bidder on the Dark Web, make sure you’re only using secure proxies. Secure proxies have verifiable security certificates and run under the HTTPS banner. This makes it very difficult for a hacker to sniff or intercept your data packets. Considering that you’ll be making purchases using your personal and financial information online, it’s mission-critical to ensure that the connection you’re using, both to and from the ecommerce server that you’re buying from, is as secure as possible. Don’t say we didn’t warn you!
The whole point of a proxy you buy is that it’s your masked IP. Think of it as your passcode to countless new pairs of limited-edition sneakers, those fancy concert tickets nobody else was able to get, a thousand new likes on a band page that you sold on Fiverr, and so much more. This isn’t going to happen for you, though, if you’re sharing your proxies with all your friends. It might be tempting to help them out, but you’re a businessman not a good Samaritan. To keep your proxies fresh and working the way you want, make sure they’re only being used by you and nobody else.
Now that you have a better idea of what sneaker proxies are, how they work and why you might need them, let’s review.
Sneaker proxies are a convenient way to mask your IP address so you can make multiple purchases online of limited-edition shoes, and some other really cool stuff, too.
A dedicated sneaker server will increase speed and help you get to the front of the line quicker, but it has a static IP, which is why you need proxies, so you can get multiple IPs.
Sneaker proxy bots are the most efficient way to automate the buying process, but require some time setting up, including multiple billing profiles, site tasks, timing, breaks, and automation workflow.
Secure proxies are the only proxies you want to use, ever, unless you want your identity stolen.
Your proxy server and location matter, and you generally want them in the same region and hosted at the same data center to avoid latency and lag.
Make sure you test any payment method before buying, so your purchases are honored by your card issuer.
Avoid free proxies like the plague.
Sneaker Proxies – AIO bot
SNEAKER PROXIES
Sneaker proxies allow you to have multiple IP addresses, meaning you can help avoid bans and order cancellations. With the increase of hyped releases, it could be tricky to come across trustworthy sneaker proxies that actually work. Reliability is king when it comes to shoe proxies.
PREMIUM DCs
Created specifically to maximize your copping power on limited edition sneaker releases on Footsites.
Optimized for Most Sites
Dedicated Residentials
Supports Footsites
30 Days Expiry
RESIDENTIAL PROXIES
These proxies are specialized in copping Sneakers in General. They have worldwide Locations and Low Ban rates.
Optimized for Sneaker Releases
Bandwidth Base
SUPREME PROXIES
Defy infamous Supreme sellout times with Supreme proxies located near Supreme sites for maximum efficiency.
Optimized for Supreme releases
Dedicated Supreme Proxies
Supports Supreme US
One Month
ANB Beta DCs
These proxies are our AIO proxies; they support most sites and they will fit around the month!
Optimized for General Releases
LA or Buffalo
Dedicated DC Proxies
One Month
Frequently Asked Questions about how do proxies work for sneakers
How does a sneaker proxy work?
In reality, a sneaker proxy is a fancy term for a way to host multiple IP addresses. It gives users a way to access multiple products, like tickets for a show, or (hint-hint) multiple pairs of limited-edition Air Jordan specials where only one purchase per customer is allowed. (Sep 17, 2019)
How long do sneaker proxies last?
We’ll show how to activate and deactivate the AIO proxies after placing the order. Note that the proxies can last for 24 hours; you can activate them or freeze the activation. See the steps below! (Feb 3, 2021)
How do proxies work for sneaker bots?
What is a sneaker proxy? By and large, sneaker proxies are no different from any other proxies. They receive your connection request, forward it to a sneaker server, and change your IP in the process. Yet, many tasks and not enough proxies is what gets you banned. (Aug 2, 2021)