Scalper botnet has made it incredibly challenging for Israeli government entities to conduct essential services within the country.

What happened?

This time, scalper bots have hijacked and scheduled public service appointments at various government agencies, and then offered to sell them to aggrieved citizens, for a profit.
  • The bot's operators attempted to sell appointments for multiple government agencies for over $100.
  • The targeted government agencies include passport renewal, the Israeli Ministry of Interior, the Ministry of Transport, National Insurance, Israel Post, and the Israeli state Electricity Company.

Is Scalper’s rise connected to the post-pandemic travel boom?

When travel restrictions were lifted, allowing for the post-pandemic travel boom, the Israeli government was inundated with applications, resulting in a backlog of over 700,000 passport applications.
  • To tackle the situation, the software developers created an appointment scheduling bot named 'GamkenBot'.
  • The bot checks available appointments on the state's site (MyVisit) and books them automatically.

How scalping bot hijacked the mission

As and when the GamkenBot was made public, the malicious actors got hold of it and later modified its functions to steal all the available information.
  • The bots set up a Telegram group and later also offered "instant appointments".
  • Hackers used ticket bots to attack websites in three stages: a) Monitoring target websites and creating accounts; b) adding to cart, and c) automated checkout.

Mitigating the threat

  • The Israeli government was aware of the issue and even considered removing the online platform, but doing so would only have led to the cancellation of valid appointments and spread fear, compounding the already bad situation.
  • To beat the bots, the government website attempted to stop the scalpers by adding CAPTCHA on the booking page.
  • Instead, the bot developers bypassed this step in a couple of days by adding CAPTCHA solving functionality.


In order to beat modern-day bots, there is a need for advanced measures like device fingerprinting and behavioral analysis to detect trends, threats, and inconsistencies. 
Cyware Publisher