Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Bad bots on the rise: A look at mobile, social, porn, and spam bots.

David Geer | May 2, 2014
Bad bots create untold security nightmares for the enterprise. Today, we're taking a look at the trouble they lead to, and what companies can do about it.

army of robots 176859594 
Credit:Thinkstock

From 2012 to 2013, Incapsula, a website security firm focusing on CDN solutions as load balancing, found that bot traffic went from consisting of 51 percent to 61.5 percent of all Internet traffic, a 10.5-percent increase. Thirty-one percent of those bots are malicious, according to data from the report.

The word "bot" means different things. For this story, a bot is a malicious mobile, social, porn, or spam robot that lives on the Internet and unsuspecting users' devices.

People errantly install mobile bots on smartphones as hidden elements of software bundles or free apps from third-party app stores. Since phone vendors do not authorize these downloads, users typically jailbreak or root their devices in order to enable a wider selection of free apps.

However, rooting disables the fundamental security that is present when it is impossible to download or install other than screened approved apps from the phone vendor's app store.

Social bots invade user accounts, infecting social media when someone installs an application or API add-on in their Facebook or Twitter account, explains Richard Henderson, Security Strategist, FortiGuard Labs, Fortinet.

Installation grants the program permission to post to that person's Facebook or Twitter content. Sometimes the user doesn't have to grant permission for the infection to occur. It can happen automatically, says Henderson.

Social bots and malware use permissions to post and message the user's contacts with links to more malware or to counterfeit merchandise. Again, users don't realize when they install these apps that hackers have deceived them. Infected accounts can spam contact lists with thousands of messages and links to additional infections, says Henderson.

Porn bots include chat room spammers and bots that pop up on adult websites. Chat room spammers crawl the Internet looking for chat forums that use technologies such as Internet Relay Chat (IRC) and web-based chat. Porn bots invade these sites, messaging offers of free adult images via links.

Porn chat bots live on free adult websites where they pop up chat windows with pictures of attractive people saying, "I see you are from [your town here]. I live in your area. Would you like to chat?"

The chat bot determines the user's location based on their IP address.

"There's some rudimentary intelligence in those bots," says Henderson, "designed to build familiarity with the user to entice them to click to another porn site, which will require them to pay for premium content."

Spam bots are a sub-category of any of these other types of bots. "They're designed to entice people to click on a link directing them to a malware delivery site or someplace selling counterfeit goods such as fake watches, Louie Vuitton handbags, and pharmaceuticals," he adds.

 

1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.