Google Product Forums

Re: Huge Spike in Traffic from Direct Internet Explorer visitors - nearly100% bounce rate, stays for only one minute


PPC_Guru Mar 16, 2012 2:23 PM
Posted in group: Google Analytics

Categories: Discuss Tracking and Implementation issues :

@Netmet and @AdTech

I suspect Google are looking at this, but I is likely to be difficult to Fix.

The only way to kill the Botnet is for Microsoft to rollout an update to WindowsDefender or WindowsUpdate, or for the ISP`s to cutoff the Broadband connections, or for the Botnet Command&Control server to be shut down. All of these factors are outside of Google`s control, and the Standard user-agents and diversity of IP`s, makes this traffic difficult to diferentiate vs human visitors. Thus I suspect, it is also difficult to track down the source on a network level. Additionally, as Chrome is not effected - only Microsoft will have access to IE status reports on browser settings and plugins.

Did anyone have any luck reaching out to any security professional or ISP`s?
http://www.microsoft.com/about/twc/en/us/twcnext/timeline.aspx#2001-01
http://blogs.technet.com/b/security/

Thanks

Phil.

* Security Experts...
https://forms.cert.org/VulReport/
http://isc.sans.edu/contact.html
http://www.sans.org/vendor/contact

* ISP list...
http://customer.comcast.com/help-and-support/account/ways-to-get-help/
http://help.rr.com/HMSFaqs/e_supportcommit.aspx
http://www.att.com/esupport/
http://www22.verizon.com/ResidentialHelp/FiOSInternet/Troubleshooting/Network/Network.htm
http://www.myaccount.charter.com/customers/support.aspx
http://static.optonline.net/Support
http://qwest.centurylink.com/internethelp/emailsupport/techemail.html
http://help.suddenlink.com/Pages/default.aspx
http://www.centurylinkservices.net/faq.php#abuse

HiJackThis diagnostic tool
http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi