People who don't change the default user agent are legitimate security researchers. People with actual malicious intent change it to whatever the current Chrome UA is.