Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Incapsula - Semalt Botnet Spreading Strongly Across the Web

Security researchers of security firm Incapsula warn that the "Semalt" botnet is spreading quickly over the Internet.

The security vendor says that SEO (Search Engine Optimization) set up has "unscrupulous" activities being referred as a spam campaign and it has caused concern to several website owners. Semalt apparently ignoring directives of "robots.txt" and overbearing servers with doubtful-looking requests.

Incapsula notes that they found the primary indications about a large profile referrer spam campaign few months ago which apparently arises from Semalt. The company states that its bots were engaging referrer spam strategies on a remarkable scale and it was hostile enough to draw attention of clients.

The purpose of referrer spam is to generate back-links to a particular URL by exploiting access logs which are publicly available. The exploit begins after locating vulnerable websites. The bots access a flood of websites in bulk and send requests containing the URL of website which infiltrators are in the process of boosting.

Access logs record all such requests automatically and creates an HTML referrer link and search engines then crawl these links. Semalt activity appears in the report of Google Analytics as being 'human' traffic because of an unusual ability to execute Javascript.

This process works well till the search engine figures it out as scam and thus impacting naive hijacked websites.

Infosecurity-magazine.com published a statement on 3rd September, 2014 quoting Ofer Gayer, a Researcher with Incapsula, as saying 'The existence of such SEO leeches can lead to long-term SEO damage to sites that can range from downgrading in search engine result pages (SERP) to absolute SERP blacklisting and removal."

The company employs a botnet created by malware concealed in a utility known as "Soundfrost" to perform all these and it includes more than 290,000 machines of different IP addresses all over the world. Almost 60% of those systems are Brazil based.

The Semalt is an efficient beast as it bypasses usual bot identification and filtering and the botnet evades rate-limiting protection and IP blacklisting. Hence, the firm concludes that it is a very sophisticated bot.

» SPAMfighter News - 9/11/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page