Compuware/Gomez: Bot Attacks Aren’t Us
Although there has been speculation that the wave of bot traffic afflicting some sites originated in the Compuware’s Gomez Peer Zone (see Is Gomez Behind Massive Traffic Spikes?, a representative of the firm says the traffic isn’t emanating from their network of Windows users.
Brenda Menard, PR Manager of Compuware’s APM Business Unit, checked the URL and other site info of my site that’s experiencing the massive traffic, and said their technical people could find no evidence that it was in their system.
At this point, what’s needed is a forensic analysis of some of the user PCs causing the attack. If it’s not Gomez, then it’s likely malware operating in the background without the user being aware of it.
The big mystery is the purpose of these attacks. The sites targeted appear to have nothing in common, and explanations like email harvesting and content scraping don’t fit the pattern of sending thousands of visits to the same small number of pages on each site.
Anyone who has any insight is welcome to post a comment!
It is Gomez. We have their IP in our logs. They do not honour the robots directive. Ban these idiots.
Tom, how do you know the source of the traffic is Gomez? The IPs are widely distributed across a range of consumer ISPs, so it seems like it would take a forensic analysis of an end user’s machine to determine the exact malware that’s causing the traffic. To my knowledge, nobody has identified a software footprint that would enable blocking the bogus visits.
Roger