Menu
software

Gosyd bad bots

 Gosyd bad bots stands for Google Syndicated Bad bots. They exist and it’s by design or inadvertent. Only Google can tell but there’s really no direct way of reaching Google. Here’s a tale to take heed when installing google site kit that purportedly only analyzes web traffic. Our client recently installed a WordPress plugin called G site a google analytical plugin that allows google bot to capture traffic. They connected the plugin to their google account. A fortnight passed, our customer started experiencing a lot of bot traffic on their website.

We uninstalled the G site plugin, run our forensic & firewall system. We were able to block off thousands of bot traffic which had slowed down our customer’s domain.
About 20% of the traffic appeared to be password sniffing attempts. 80% of the traffic fell into 3 categories. Attempting to access simplepie a development platform to manipulate rss.
Attempting to gain access via the web mail is the second largest bot traffic.
Lastly, bots were interested to access id3 which is located in wp-include that enables cloud media interface.

Our analytical tool discovered that the plugin didn’t only analyse traffic, it indexed the entire site even sensitive areas especially in wp-include, mail pathways. It then sent these links to google cache. Unfortunately google cache is also accessed by a bad bot nets. These botnets started scanning all the links from google cache and the traffic at times seemed like the start of a DDOS attack.

Be careful when installing so called SEO plugins and connecting it to google account. Bots are more interested than humans.

Tagged In

Leave a Reply

Your email address will not be published. Required fields are marked *

Protected with IP Blacklist CloudIP Blacklist Cloud

Recommended Articles

Zifsoft releases Sala SELENIUM (Planet ver S)

Zifsoft release Canvass feature in Salsa Battery

Zifsoft releases Salsa YOI (Planet ver Y)

Zifsoft releases APP Aggressor Valor (version V)

Lifvation Group