The Israeli government is in shambles after Scalper bots infection

July 4, 2022
Israeli Government Scalper Bots Infection Gamken Bot

The Scalper botnet has put the entire Israeli government in the dark after cyber espionage attacks had impacted many of the country’s important sectors. Based on reports, the Scalper bots have breached, hijacked, and scheduled service appointments at several Israeli government departments and offered to sell them to indignant citizens. Experts noticed that the items provided were mainly for the financial profit of the threat actors.

The botnet operators tried to sell the hacked appointments to several government agencies for more than a hundred dollars. The targeted government agencies include passport renewal, National Insurance, Israel Post, the Israeli State Electricity Company, and the Ministry of Transport.

 

The recent surge involving the Scalper bots may be the outcome of the travel demand after the pandemic.

 

According to the researchers, the lifting of the travel restrictions allowed numerous scams that are related to travelling, one of which is the Scalper botnet. The Scalper’s effect on Israel is the massive wave of applications, resulting in a backlog of more than 700k passport applications.

Fortunately, the software developers designed an appointment scheduling bot to deal with the ballooning number of applicants. The scheduling bot was named by its developers as GamkenBot. This bot will review the available appointments on the state’s website that will book applicants automatically.

However, the malicious threat actors managed to hijack the GamkenBot after it was released publicly by the Israeli government. The adversaries altered the bot’s functions and stole all the available information. After the hijacking incident, the Scalper developed a Telegram group and offered instant appointments.

The Israeli government knows the current issue and considered deleting the platform. However, the government was hesitant to take down GamkenBot since it could lead to the cancellation of valid appointments. In addition, the cancellation could rub the citizens the wrong way and cause fear, resulting in an uneasy situation.

The government website tried to obstruct the plans of the scalpers by adding CAPTCHA on the booking page. However, the bot developers skipped this step instead of adding it to the same day as the platform’s development.

Experts suggest that the government should have advanced preventive measures, such as device fingerprinting and behavioural analysis, to detect or stop these modern-day botnets.

About the author