[tahanteada]

Turvamaailmas pajatatakse:

Fake Googlebots used to run application-layer DDoS
Security experts at Incapsula are observing a surge in the used of fake Googlebots to launch and carry out application-layer DDoS.

Googlebots crawl websites are the software used to index and rank the content of websites for the popular search engine. It’s not a mystery that the visits of Googlebots are not considered a possible indicator for activities related to cyber threats, for this reason principal defensive solutions don’t block this kind of traffic.

Anyway cyber criminals are aware that Googlebots traffic is considered harmless, so they start using spoofed Googlebots to launch layer-7 (application-layer) distributed denial of service attacks (DDoS). Fake Googlebots could be also used for site scraping and spam campaigns.

Researchers at security firm Incapsula have identified an increase in the exploitation of fake Googlebot visits to hit a targeted website with malicious traffic, it has been estimated that for every 25 Googlebot visits, companies are likely to be visited by a fake one. The experts observed over 400 million search engine visits to 10,000 sites, a total amount of nearly 2.19 billion page crawls over a 30 day period. Information about fake Googlebots comes from inspection of more than 50 million Googlebot impostor visits.

Nearly the 25% of spoofed Googlebots is used by hackers to run DDoS attacks, according to expert to Igal Zeifman, which explained that Incapsula’s technology protects its customers by identifying malicious Googlebots because Google crawlers come from a pre-determined IP address range.

Edasi juba lingil:
http://securityaffairs.co/wordpress/26947/cyber-crime/fake-googlebots-ddos.html