Scalper Bots Attack DDR5 Memory Supply as AI Demand Triggers RAMpocalypse Across Markets

Memory scalpers hunt scarce DRAM with bot blitz

We can remember it for you wholesale, and sell it back to you for big bucks Web scraping bots are increasing the pressure on the tech supply chain by scouring sites for DRAM, so their minders can snap up increasingly scarce inventory and resell it for a quick profit. DataDome, an online security biz, reports that its Galileo threat team spotted a large-scale data gathering operation that has submitted more than 10 million web scraping requests in an effort to find sellers carrying desirable DRAM stock. The bots have been hitting select sites every 6.5 seconds to query inventories of DRAM and raw hardware components like DIMM sockets. And the people behind the crawlers appear to be using AI tools to enhance the effectiveness of their scraping runs. "Fraudsters will combine various tooling and commodities to perform fraud at scale, but it's not always obvious what they are using, or for which purpose," said Jérôme Segura, VP of threat research at DataDome, in an email to The Register. "Having said that, we have observed threat actors discuss the use of AI to reverse-engineer anti-bot protection or to automate scripting tasks. AI is unique in that it gives leverage from script kiddies all the way to professional scrapers." According to DataDome, the inquisitive bots have been hitting DRAM product pages on e-commerce sites at a rate almost 6x more often than legitimate users and friendly crawlers. And these memory sniffers have been relying on a technique known as cache busting to ensure they get the most up-to-date information. Cache busting involves appending parameters to page requests so they appear different from prior requests. This ensures that the server loads the latest product information instead of serving cached data that may not reflect current product availability. The bots are also tuned to throttle their requests to an acceptable rate - presumably tested in advance - so they don't get rate limited. The bot campaign appears to be focused on identifying available DRAM, and doesn't involve automated purchasing of memory. But acquiring memory for resale is the plan. "By rapidly snapping up the limited DDR5 memory inventory for profitable resale, these bots further deplete the consumer supply, effectively boxing out legitimate customers and driving market prices even higher," the DataDome report says. DRAM, specifically DDR5 memory, has been in short supply since last November, as accelerating infrastructure deployment from hyperscalers and AI giants has increased demand for memory. The resulting memory drought is expected to double the price of DRAM in Q1 2026, and to increase the cost of NAND too. With so much supply spoken for by large cloud providers, mid-tier and smaller cloud vendors have been forced to raise their prices, as Hetzner recently did. The starved supply chain is also expected to limit entry-level PC and phone shipments. ®

Scalper bots are now scraping DDR5 memory supply chains as AI data centers consume more RAM

Serving tech enthusiasts for over 25 years. TechSpot means tech analysis and advice you can trust. Bottom line: AI data centers are swallowing so much of the world's memory output that automated scalping operations are now crawling the supply chain itself, from retail DDR5 kits to industrial-grade modules and connector components. A recent campaign uncovered by bot-mitigation firm DataDome shows how web scrapers tuned for RAM pricing can quietly hit product pages tens of thousands of times per hour while staying just under conventional defense thresholds. DataDome reports that a single scalping operation has been hammering memory listings with requests every 6.5 seconds, averaging more than 550 automated hits per page and exceeding 50,000 requests per hour across targeted sites. In total, the company says it has blocked more than 10 million requests from this one bot, all aimed at extracting fresh pricing and stock data for DDR5 RAM and related components. The crawler is not limited to consumer-facing SKUs. According to DataDome's analysis, the bot enumerates multiple tiers of the memory pipeline, including DIMM sockets, CAMM2 connectors, and industrial memory modules typically sold in B2B environments. That targeting suggests an interest not only in reselling finished kits, but in monitoring constraints on upstream parts as well. To reduce the chance of detection, the operators use a day/night request pattern that mimics human browsing rhythms, with traffic that appears to follow a daily cycle but actually remains unnaturally flat and calibrated. Request rates are tuned to stay just below volumetric alert thresholds that many e-commerce and distribution platforms use to flag abuse. The campaign relies heavily on cache-busting. Each HTTP request appends unique parameters so that servers treat the visit as a fresh page load rather than serving cached content, guaranteeing up-to-the-second pricing and stock information instead of stale data. Sessions are short and mechanical: a single product page view followed by an immediate exit, no cart interaction, no search queries, and no lateral movement through the site. Despite the human-like pacing, several signals point clearly to automation. Traffic focuses almost exclusively on RAM listings and does not shift toward other categories, even when a site offers a full catalog of hardware. There are no organic usage patterns such as reduced traffic on weekends or peaks during early evening hours; instead, volumes drop sharply only when the bot encounters a technical issue and then snap back to full capacity once the issue is resolved. That kind of step-function behavior is not seen with human users, who respond more gradually to outages or latency. The campaign's focus on DIMM sockets highlights how sensitive the market has become to component-level constraints in the DDR5 ecosystem. Traditional desktop and server builds still rely on standard DIMM slots, so probing socket availability can provide an early signal of which platforms and vendors are about to face tighter supply. CAMM2, the newer Compression Attached Memory Module standard, is also in scope. CAMM2 is designed to deliver high-density memory in thinner form factors, particularly for laptops and compact systems, and its adoption ties directly into next-generation client devices and some edge compute designs. Monitoring CAMM2 connector and module inventory gives scalpers a view into a segment where supply is narrower and design wins are still concentrated. Industrial memory modules add a different angle. These parts target embedded, networking, and industrial PCs where extended temperature support, long-lifecycle availability and stringent reliability requirements matter more than peak bandwidth. Scraping industrial SKUs and B2B catalogs suggests that the operation is not limited to gaming rigs or enthusiast builds, but is also tracking hardware that underpins infrastructure and operational technology. The DDR5 campaign fits into a pattern that has played out across multiple hardware launches and limited-run products in recent years. Scalpers have already driven up prices for Sony's PlayStation 5 Pro 30th Anniversary pre-orders, with resale listings reaching three to six times the original pricing on secondary marketplaces. High-end GPUs have followed the same trajectory: Nvidia RTX 5090 cards were listed for up to 2x to 3x their MSRP days after launch, while limited edition MSI RTX 5090 Lightning Z boards have appeared at premiums approaching 500 percent. DDR5 has already seen aggressive arbitrage. One analysis of eBay listings for high-end kits found retail prices climbing from around $118 to roughly $430, with scalpers then reselling the same kit for more than $830 - over seven times its original value before shortages set in. Other configurations have sold for well over $2,000 once layered markups compounded earlier price increases. Behind the scalping is a shift in memory supply toward hyperscale and AI workloads. Industry forecasts indicate that data centers are on track to consume about 70 percent of the world's memory chip output in 2026. That shift is already constraining stock for other segments, from consumer PCs to automotive and consumer electronics that still rely on a mix of legacy and newer DRAM. Manufacturers such as Micron, Samsung, and SK hynix are under pressure to bring new fabs and production lines online, but greenfield memory facilities typically take years rather than months to build, equip, and ramp. In the meantime, any shortage at the die level amplifies quickly through sockets, connectors, and finished modules - exactly the points the scalping bot is tracking.

AI is competing with humans to buy DDR5 memory amid the RAMpocalypse caused by its owns appetite for memory

Automated scalpers targeting everything from RGB kits to industrial memory modules * Scalpers are targeting DDR5 RAM as AI demand tightens global supply * Automated bots hit DDR5 listings six times more than real shoppers * Over 10 million scraping requests were blocked in a single campaign You've likely seen the chaos scalpers can cause, as limited-edition sneakers, flights, major concert tickets, and the PlayStation 5 have all seen prices soar as bots snap up stock in seconds and flip it for profit, effectively shutting ordinary buyers out of the market. DDR5 RAM is the latest target for scalpers, as facing mounting shortages, automated buying tools are moving in fast, making a bad situation even worse. The surge in AI workloads is driving the squeeze. Training large language models and running inference servers requires vast amounts of memory, and manufacturers are shifting production toward higher-margin AI-focused products such as HBM, tightening consumer DDR5 supply in the process. 10 million blocked scraping requests Recent research from the Galileo threat team found scalping bots are hitting DDR5 product pages almost six times more often than legitimate shoppers. In one campaign alone, more than 10 million scraping requests were blocked. In a one-hour sample, bots made 50,000 requests across 91 DDR5 listings. Each product page was checked an average of 551 times, which translates to stock checks every 6.5 seconds. This wasn't limited to flashy RGB kits for PC enthusiasts. Bots targeted the entire supply chain, from consumer modules by Corsair, Crucial, Kingston, and Lexar to OEM and industrial suppliers like Micron and Apacer. Even upstream components such as DDR5 DIMM sockets from Amphenol and TE Connectivity are being monitored, pointing to strain across the entire supply chain. The automation is deliberate. Nearly every request carries cache-busting parameters, sessions consist of a single page hit and exit, and there's no browsing or cart activity. Traffic runs in a flat, mechanical pattern seven days a week. When technical hiccups occur, activity drops instantly and then snaps immediately back to full volume, a rhythm no human shopping pattern follows. Just like with sneakers and consoles, automated buying is locking out regular customers. The difference here is that the frenzy isn't fueled by hype, it's fueled by AI infrastructure. Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button! And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

AI memory gold rush sparks high-speed bot assault on DDR5 inventory - SiliconANGLE

AI memory gold rush sparks high-speed bot assault on DDR5 inventory A new report out today from cyberfraud protection startup DataDome SAS warns that surging demand for DDR5 memory, fueled by the artificial intelligence boom, has triggered a wave of automated scalping activity that is overwhelming online retailers and distorting supply. The report details how bots are now hitting DDR5 RAM product pages nearly six times more often than legitimate users and benign bots. In one campaign, fraudsters were observed generating more than 50,000 scraping requests per hour. Across the broader activity set, more than 10 million scraping attempts were blocked as attackers sought to monitor inventory and pricing in near-real time. AI is the root cause -- more specifically, AI's insatiable appetite for memory. Training large language models, running inference servers and supporting always-on AI workloads require massive amounts of RAM capacity. Amid the ongoing AI boom, that demand is pushing the price of high-performance DDR5 modules sharply higher. Thrown into the mix is that manufacturers have also shifted production toward higher-margin server-grade memory for data centers. That has tightened the supply of consumer-grade modules and created the kind of scarcity that attracts arbitrage. In a one-hour sample detailed in the report, 91 unique DDR5 product listings were scraped an average of 551 times each, equating to stock checks for a specific RAM kit roughly every 6.5 seconds. According to DataDome's Galileo threat research team researchers, the pattern strongly suggests automated price monitoring systems designed to purchase inventory instantly and resell it at inflated prices on secondary markets. The bots observed were not limited to scraping consumer-focused brands such as Corsair Gaming Inc., Crucial (Micron Technology Inc.) and Kingston Technology Co. Inc. But it also targeted industrial and original equipment manufacturer providers, including suppliers of DDR5 SDRAM, server modules and even hardware components such as DIMM sockets. The scalping pressure is affecting the entire DDR5 ecosystem, ranging from raw components to finished retail kits. DataDome's researchers also observed efforts to evade detection, with nearly every request including cache-busting parameters to avoid being served cached content. Sessions consisted of a single page hit followed by an immediate exit, with no cart activity or search behavior. Traffic patterns followed a human-like day-and-night rhythm but maintained flat, highly calibrated peaks that hovered just below typical volumetric alarm thresholds, which suggests that the attackers have tuned their scraping speed to avoid triggering defenses. The report concludes by suggesting that traditional IP blocking and simple rate-limiting are increasingly ineffective against such operations, particularly when bots operate through legitimate infrastructure. "Traditional security measures that rely solely on IP reputation or simple rate-limiting are virtually blind to these modern attacks," the researchers write. "If a WAF simply blocked IP ranges to stop this attack, it would break legitimate services and block real users." The researchers argue that advanced behavioral analysis is now required, analysis that is capable of identifying impossible traffic consistency and 24/7 precision.