Tag Archives: malware

SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware

SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware

Researchers have discovered a high-effort search engine optimization (SEO) poisoning campaign that seems to be targeting employees from multiple industries and government sectors when they search for specific terms that are relevant to their work. Clicking on the malicious search results, which are artificially pushed higher in ranking, lead visitors to a known JavaScript malware downloader. “Our findings suggest the campaign may have foreign intelligence service… Source link

Read More »

Attackers Use SEO Poisoning to Spread Malware, Steal Credentials

Attackers Use SEO Poisoning to Spread Malware, Steal Credentials

“The threat group’s motivations are currently unknown, but we suspect that the group is financially motivated based on the seemingly industry-agnostic leading to ransomware activity.” Researchers said, the DLL sample did not execute the VBScript when run by itself. However, when run with Mshta.exe – a Windows-native utility designed to execute Microsoft HTML Application (HTA) files – the Mshta.exe utility would locate and execute the VBScript without any issues. This… Source link

Read More »

SolarMarker malware spread through advanced SEO poisoning

SolarMarker malware spread through advanced SEO poisoning

A malware actor used their own brand of SEO poisoning to distribute malicious files, according to research published Tuesday by Sophos. Sophos’ latest report concerns SolarMarker, a backdoor and information-stealing malware that was initially detected in late 2020. The malware was typically installed when victims visited a Google search result that has been planted near the top of a search due to threat actors’ search engine optimization (SEO) poisoning. These links are designed to get a… Source link

Read More »

Hackers increasingly relying on dropper-as-a-service platforms to distribute malware

Hackers increasingly relying on dropper-as-a-service platforms to distribute malware

Malware authors are increasingly relying on dropper-as-a-service (DaaS) platforms to distribute their malicious creations, according to cybersecurity researchers. In its latest research, Sophos has shared details about the growth of such DaaS platforms that infect victims who frequent piracy websites looking for cracked versions of popular business and consumer applications. “During our recent investigation into an ongoing Raccoon Stealer (an information stealing malware) campaign, we found… Source link

Read More »

SEO wizardry abused to push malware into Google search rankings

SEO wizardry abused to push malware into Google search rankings

Cybercriminals are deploying search engine optimization (SEO) tricks to push malicious domains up the Google search rankings, security researchers have discovered. According to a report from the security team at AT&T, in addition to distributing malware via email campaigns, the operators behind the infamous Sodinokini ransomware are targeting keyphrases commonly punched into Google. In the scenario analyzed in the report, a client ended up downloading a rigged JavaScript file from a malicious… Source link

Read More »

This odd malware tricks Google to boost your website’s SEO – then it attacks

This odd malware tricks Google to boost your website’s SEO – then it attacks

Security researchers have discovered a novel malware delivery mechanism that climbs to the top of any search results after tricking Google’s famed SEO (Search Engine Optimization) algorithm. While the Gootkit malware itself has been around for several years, and has been analyzed by cybersecurity firm Sophos in the past, it is its new delivery mechanism, which has earned it the nickname Gootloader and is the subject of their recent analysis.  “Gootloader uses malicious search engine… Source link

Read More »

Hackers exploit websites to give them excellent SEO before deploying malware

Hackers exploit websites to give them excellent SEO before deploying malware

Cyberattackers have turned to search engine optimization (SEO) techniques to deploy malware payloads to as many victims as possible.  According to Sophos, the so-called search engine “deoptimization” method includes both SEO tricks and the abuse of human psychology to push websites that have been compromised up Google’s rankings.  SEO optimization is used by webmasters to legitimately increase their website’s exposure on search… Source link

Read More »