Mobile bad bot traffic surges by 1,000%

Tools

Mobile bad bot traffic is up a staggering 1,000 percent in the past year, and one new study expects mobile to be the focus of even greater bad bot behavior in 2014.

In its annual Bad Bot Landscape report, Distil Networks noted that various entities "from legitimate businesses and governments, to organized criminal hackers and nefarious thrill-seekers, bots have become a reliable and ready weapon of choice. With returns high and the risk of retribution low, those who develop and deploy bots are continuing to do so with ever greater reach and efficiency."

But the greatest driver of bad bot growth has been wireless, and the mobile space is an especially attractive target.

"Over the past year, Distil has witnessed the aforementioned increase of over 1,000 percent in mobile bad bot traffic, and trafficked bad bot traffic originating from every wireless provider operating in the U.S.," says an article at Infosecurity Magazine. "With the exception of America Movil, every one of the top 10 global wireless providers served bad bot traffic from their network."

According to the Distil report, "This trend increases in importance each month, as mobile throughput continues to increase. Smartphones are the most vulnerable of all mobile devices, and by the end of 2014, estimates show that there will be more than 6 billion mobile devices in use. This represents massive incentive for bad bot operators to focus more on mobile."

In terms of bad bot servers, U.S. mobile providers far surpassed foreign providers, the report says. AT&T's network saw the highest volume of bad bot traffic, while Vodafone had the highest number of malicious bot requests.

"Not only is the number of mobile bots increasing, but so too are the number of bots spoofing their identity to portray themselves as mobile devices," the Distil report explains. "Bad bot operators do this because many web servers are programmed to give a different response, or set of data, to mobile users (versus desktop users). Often, bot makers are interested in this unique data and spoof their user agents to appear as a mobile browser, when in reality they are nothing more than a script."

For more:
- check out the Distil Networks Bad Bot Landscape report
- read the Infosecurity Magazine article

Related Articles:
Too many companies screw up IT security basics [FierceCIO]
Majority of malicious bot traffic made in the USA [FierceITSecurity]
7 deadly sins: the most dangerous new attack techniques for 2014 [FierceITSecurity]