Saturday , July 19 2014
Whatz Hot :-
Home / Internet / Hackers Mimic Googlebots for DDoS Attacks

Hackers Mimic Googlebots for DDoS Attacks

Google is the VIP of the bot world. Just like any other VIP, he enjoys some special privileges, one of which is a having unhindered access to almost any page, on any website on the web. However, as a recent case-study by a ddos protection firm Incapsula shows, some will try to abuse Googlebot’s VIP status to pass under the DDoS protection radar.

What makes Googlebot a VIP?
Googlebot is an official Google agent and an intermediary between your content and Google’s search engine. It is only by allowing Googlebots to scan your site that you become eligible to appear in Google Search Pages (SERPs), which is – needless to say – a pretty big deal.

This is why Googlebot has special VIP access to almost all of the existing webpages.  After all, if you own or manage a website, you will always consider Googlebot to be your best friend and when it comes knocking you`ll always do your best to keep you doors wide open.

Why Hackers are interested in Googlebot?
All hackers are looking for ways to circumvent traditional security barriers. As previously mentioned, hosts typically give Googlebots full access to their information. Unfortunately, hackers see this routine process of ‘opening the gates’ as an opportunity to be exploited. As Incapsula’s study shows, these troublemakers will try to mimic Google to bypass low-level security measures. The more sophisticated infiltrators even mimic the crawling activity of normal Googlebots, to get past some of the more intelligent defenses.

DDoS Attackers with Googlebot IDs
Incapsula’s case study demonstrates a case of “Googlebot DDoS”, which occurred at the end of 2013. The documented attack targeted a moderately sized commercial website which suddenly received a significant spike in requests. At the height of the DDoS attack, the site averaged close to 1,500 requests per second from Google-like bots, more than enough to crash most servers.
ddos5 Hackers Mimic Googlebots for DDoS Attacks
The first warning sign detected by Incapsula’s security system was suspicious HTTP header data. Although the attacker was smart enough to use Google user agent, the header data still contained major inconsistencies, which were picked up by Incapsula’s bot identification algorithms.

Next, Incapsula determined that the IP and ASN information were not from Google sources. Taken alone, this evidence causes concern to a host but not quite enough to condemn (as many good SEO bots also mimic Google crawlers).

Finally, the security system took a holistic view of traffic flow and concluded that the surge of suspicious behavior was indeed malicious.

With this triangulation of warning, Incapsula DDoS protection intervened and stopped the DDoS attack before it could flood the site’s servers. Overall, nearly a million fake Googlebot requests were vetted and sorted by the Client-Classification Process, while still allowing non-malicious traffic to pass through to the site.

Wanted: Some Smart DDoS Protection

With the evolution of cyber attacks, a strong network is not enough to protect your website. Advanced security systems must be able to differentiate between various types of bot activity like those seen in Application Layer DDoS attacks.  Also, you should try not to trust bots too much, even if they call themselves Googlebots.

10 comments

  1. Wavatar

    Hello there, okay so my pal and i’ve got a little problem determining on which occurs when a monster attacks directly, and also the other player uses call from the haunted. what goes on? will the attack fail, or will i attack the re-summoned monster? thanks

  2. Wavatar

    can you really have several panic attack each day? and may you define what a panic attack is?

  3. Wavatar

    I just read somewhere when I attack my opponent’s monster plus they use, say, hurry recklessly around the monster therefore it has more attack than me will be able to stop my monster from attacking. Is that this true or must i continue the attack, have my monster destroyed, and lose existence points. Just like what can happen basically just assaulted a monster with increased attack than mine.

  4. Wavatar

    Whenever I’ve had one I always think I’m having a heart attack. I think this is normal(to think that), but could I ever really have a heart attack from a panic attack? Among other symptoms, my left arm always gets numb when I have one, so that’s why I always think it’s my heart.

    I’m 23, in good physical shape, and have never been diagnosed with any heart problems. Am I just being crazy? Any words of wisdom on how to prevent panic attacks?

  5. Wavatar

    If a person attacks your body, could they be fighting them??

  6. Wavatar

    Barbarians that assaulted Rome,

    At the start of time.

  7. Wavatar

    what’s the first erectile dysfunction within the situation of cardiac arrest

  8. Wavatar
    Cyrus Destefano

    Im 17 years old girl, but for the past couple days ive had these out burst of tension attacks. They type of seem like i have to wake up and pace the ground and im frigidity, my breathing will get heavier, I’ve minor shakes, i recieve stomach seeing stars and that i can seem to be more pressure than normal within my chest. I actually do reside in a demanding atmosphere and do visit a psychiatrist monthly. However i desired to determine if they are stress attacks or panic attacks? and explain the 2 and just how they differ.

    Sometimes there so bad i cant focus on anything.

  9. Wavatar

    just lately in my opinion i’d a anxiety attack the very first time im a 29 male and from no where i had been dizzy and felt like electric was at my mind was difficult to breathe however it past and that i were built with a stomach pain

    if i consider what went down it begins again however i control myself till it passes

    could this be considered a anxiety attack a stroll in clinic dr thinks so …

    is the fact that normal to seem like a tingling or electric feeling..

    and so why do the attacks come never ever after 29 years

    yes i actually do seem like something bad is gonna happen after i begin to feel

    the trigger happens when i start considering if this first happened

    very first time it happened i had been smoking some pot of pretend pot also known as :pourpori: synthetic

    used to do possess a seizure 13 years back and have been receiving dilantin every since but all dr’s and ER stated it’s not a seizure

    seen DR today he stated the it had been high bloodstream pressure and mild anxiety performs this seem to everyone

    i had been on atenol for bloodstream pressure and that he added benicar to that particular and stated problem would disappear once the bloodstream pressure stables

    when my attacks start i recieve light headed and my mind feels heavy

    how do i control myself anf allow it to be disappear any idea

  10. Wavatar
    Jordon Cartlidge

    i am 12. and for whatever reason i figured i had been gonna have cardiac arrest. and so i was reading through onto it and me began beating fast. it is not any longer but i’ve got a teeeeeny provide feeling within my throat nevertheless its pretty good. do you consider im just getting a anxiety attack? i do not have any pains

Leave a Reply for your confusion