Incapsula - Semalt Botnet Spreading Strongly Across the Web
Security researchers of security firm Incapsula warn that the "Semalt" botnet is spreading quickly over the Internet. The security vendor says that SEO (Search Engine Optimization) set up has "unscrupulous" activities being referred as a spam campaign and it has caused concern to several website owners.
Semalt apparently ignoring directives of "robots.txt" and overbearing servers with doubtful-looking requests.Incapsula notes that they found the primary indications about a large profile referrer spam campaign few months ago which apparently arises from Semalt. The company states that its bots were engaging referrer spam strategies on a remarkable scale and it was hostile enough to draw attention of clients.
The purpose of referrer spam is to generate back-links to a particular URL by exploiting access logs which are publicly available. The exploit begins after locating vulnerable websites. The bots access a flood of websites in bulk and send requests containing the URL of website which infiltrators are in the process of boosting.
Infosecurity-magazine.com published a statement on 3rd September, 2014 quoting Ofer Gayer, a Researcher with Incapsula, as saying 'The existence of such SEO leeches can lead to long-term SEO damage to sites that can range from downgrading in search engine result pages (SERP) to absolute SERP blacklisting and removal. "The company employs a botnet created by malware concealed in a utility known as "Soundfrost" to perform all these and it includes more than 290,000 machines of different IP addresses all over the world.
Almost 60% of those systems are Brazil based.The Semalt is an efficient beast as it bypasses usual bot identification and filtering and the botnet evades rate-limiting protection and IP blacklisting. Hence, the firm concludes that it is a very sophisticated bot.