Website traffic report shows an increase of malicious bots activity

10:00 ET, 19 December 2013

Incapula security firm published a new report on the analysis of website traffic evidencing the increment for malicious activities.

Researchers at the Incapsula security firm have published a new study on the nature of website traffic, early 2013 the company revealed that 51% of the overall traffic was generated by non-human entities and 60% of it was related to malicious botnets.

The experts observed 1.45 Billion bot visits on nearly 20,000 sites on Incapsula’s network in around 90 days, the traffic was originated from any of 249 countries in the world.

Respect the data provided in the previous report from 2012 the bot traffic is increased of 21%, fortunately the increase is mainly attributable to the activity of good bots (i.e., certified agents of legitimate software, such as search engines).

Those legitimate entities have increased their volume from 20% to 31% from last year due to the evolution of web based services and increased activity of existing bots.

The overall malicious traffic remains unchanged,  31% of bots still belongs to malicious botnets but it is evident a reduction in Spam Bot activity from from 2% in 2012 to 0.5% in 2013, the experts believe that Google was able to discourage link spamming practices, causing a 75% decrease in automated link spamming activity.The data that most of all has attracted my attention is the 8% increase in the activity related to unclassified bots with hostile intentions and defined in the report as “Other Impersonators”.

The phenomenon is related to malicious bots that pretend to assume a spoofed identity, for example trying to appear as search engine bots or legitimate service bots, to compromise targeted websites, for example recently security experts at Securi firm have detected a series of SQL Injection attacks conducted abusing of the Google Bot activity.

Bots belonging to this category are specifically designed bots, not attributable to common malware, used to sophisticated hacking campaigns.

“These can be automated spy bots, human-like DDoS agents or a Trojan-activated barebones browser. One way or another, these are also the tools of top-tier hackers who are proficient enough to create their own malware. The 8% increase in the number of such bots highlights the increased activity of such hackers, as well as the rise in targeted cyber-attacks.”

A good example of such traffic is recent volume  originated for volumetric Layer 3-4 DDoS attacks.

Below a very useful Infograph that resume the results of the study.


Pierluigi Paganini

(Security Affairs –  Incapsula, website traffic report)







FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.


10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase