NORAD.io
OVERVIEWCOUNTRIESBOTSTHREATS

THREAT MONITOR

10 threat categories tracked. 3 critical threats active.

GLOBAL THREAT LEVEL: ELEVATED
Prompt InjectionCRITICAL

Attempts to override bot instructions via malicious content embedded in web pages

Modified system promptsInstruction override attemptsJailbreak patterns
Data ExfiltrationCRITICAL

Bots attempting to extract sensitive data from websites including PII and credentials

PII scraping patternsForm data harvestingAPI abuse
Credential StuffingHIGH

Automated login attempts using leaked credentials from data breaches

Rapid login attemptsCredential pair testingDistributed IP sources
Aggressive Content ScrapingMEDIUM

Bots aggressively scraping content beyond robots.txt limits and ToS

High request raterobots.txt violationSitemap crawl abuse
SEO Spam InjectionHIGH

Bots attempting to inject spam content via forms, comments, or trackbacks

Comment spamTrackback abuseForm submission automation
DDoS Bot ActivityCRITICAL

Coordinated bot traffic aimed at overwhelming servers and infrastructure

Traffic spikesUnusual geographic patternsRequest amplification
Skill TamperingHIGH

Bots with modified or malicious skill sets that deviate from their declared capabilities

Unknown skill hashesSkill mismatch with known bot typeForged capabilities
Identity SpoofingHIGH

Bots pretending to be legitimate crawlers like fake Googlebot or fake GPTBot

IP mismatch with claimed orgUser-Agent mismatchInvalid APS passport
Unauthorized Training Data CollectionMEDIUM

AI crawlers collecting data in violation of robots.txt directives or Terms of Service

robots.txt violationDisregarding noai meta tagBulk content download
Form AbuseMEDIUM

Automated form submissions for lead generation, phishing, or data harvesting

Rapid form submitsHoneypot triggeredInvalid data patterns