The hacker finalphoenix had a problem. Whenever she would go online to buy limited edition designer clothes, they would sell out before she had time to buy them.
"I was very frustrated, because whenever I'd try to buy something that was relatively cool on Instagram, it was always sold out," she told Motherboard at the recent annual hacking conference Def Con.
But finalphoenix had an idea. What if she could automate the process of buying the clothes instead, letting her get in front of other people?
"If I just do this one time, I won't be a bad guy," she recalled thinking.
But finalphoenix had stumbled into a lively ecosystem of hype bots (bots designed just to grab clothing, probably to impress others), scrapers, and resellers, some of whom use black hat tactics and bribery to get what they want in order to turn a profit. Some of these bot creators sell their services and customer support to people who don't have the technical know-how, but just want to get items that are in high demand. She presented those findings at Def Con this month.
Motherboard has previously covered how these sorts of tools are used in the sneaker market, and how one of the most illustrious ticket resellers changed his ways and went on to battle similar sorts of bots.
A tool for beating others to the items you want consists of three main components, finalphoenix explained: a monitoring bot, which scouts the target websites for new items; an account creation part, which makes a load of accounts on the site so you have a higher chance of pushing through the crowd because you control more of it; and a purchase bot, the part that actually orders and pays for your item. Users also need to get some server space to run their bots.
Hiding the fact that you're using a bot from the clothes websites is a bit more complicated; companies will likely ban you if they suspect you're scraping their website. Here, buyers need to use different accounts, proxies to route their traffic, and other technical means as workarounds.
This can be somewhat technical, so when buying a bot, a user also typically gains access to a private Discord server, where other users act as technical support, helping them set up the infrastructure necessary for scraping.
And these bots aren't necessarily cheap. Some sell for up to $1500, finalphoenix explained. Subscriptions to the Discord servers can cost $15 to $20 a month, she added.
"They will build communities to write scripts together," finalphoenix said.
But beyond individuals who just want to get dresses or sneakers before they sell out, there is also a booming reseller market competing for purchases, with resellers who sell thousands and thousands of products.
Some people have insiders at companies who will leak information about upcoming clothes, and the unique product ID needed to quickly spot them as they're listed online. They provide Excel spreadsheets and schedules from inside the companies, too. Some will pay off people in stores, finalphoenix said.
"For the resellers, especially on the scale that I see within China, where they have thousands and thousands of products," she added.
There is even a reseller market for the bots themselves, with others selling access to the tools for a profit, as the bot developers sometimes limit access with keys that they release only a few hundred at a time. This is so their tools can still fly under the radar.
"It really pushes a black market," finalphoenix said of the bot ecosystem.
Her slides add, "This ain't a scene; it's an arms race."