Tag Archives: Poisoning

15,000 sites hacked for massive Google SEO poisoning campaign

15,000 sites hacked for massive Google SEO poisoning campaign

Hackers are conducting a massive black hat search engine optimization (SEO) campaign by compromising almost 15,000 websites to redirect visitors to fake Q&A discussion forums. The attacks were first spotted by Sucuri, who says that each compromised site contains approximately 20,000 files used as part of the search engine spam campaign, with most of the sites being WordPress. The researchers believe the threat actors’ goal is to generate enough indexed pages to increase the fake Q&A sites’… Source link

Read More »

SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware

SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware

Researchers have discovered a high-effort search engine optimization (SEO) poisoning campaign that seems to be targeting employees from multiple industries and government sectors when they search for specific terms that are relevant to their work. Clicking on the malicious search results, which are artificially pushed higher in ranking, lead visitors to a known JavaScript malware downloader. “Our findings suggest the campaign may have foreign intelligence service… Source link

Read More »

Attackers Use SEO Poisoning to Spread Malware, Steal Credentials

Attackers Use SEO Poisoning to Spread Malware, Steal Credentials

“The threat group’s motivations are currently unknown, but we suspect that the group is financially motivated based on the seemingly industry-agnostic leading to ransomware activity.” Researchers said, the DLL sample did not execute the VBScript when run by itself. However, when run with Mshta.exe – a Windows-native utility designed to execute Microsoft HTML Application (HTA) files – the Mshta.exe utility would locate and execute the VBScript without any issues. This… Source link

Read More »

SolarMarker malware spread through advanced SEO poisoning

SolarMarker malware spread through advanced SEO poisoning

A malware actor used their own brand of SEO poisoning to distribute malicious files, according to research published Tuesday by Sophos. Sophos’ latest report concerns SolarMarker, a backdoor and information-stealing malware that was initially detected in late 2020. The malware was typically installed when victims visited a Google search result that has been planted near the top of a search due to threat actors’ search engine optimization (SEO) poisoning. These links are designed to get a… Source link

Read More »

Zoom For You — SEO Poisoning to Distribute BATLOADER and Atera Agent

Zoom For You — SEO Poisoning to Distribute BATLOADER and Atera Agent

While defending our customers against threats, Mandiant Managed Defense continues to see new threats that abuse trust in legitimate tools and products to carry out their attacks. These attacks are effective in getting past security defenses and staying undetected in a network. Through proactive threat hunting, our Managed Defense frontline team uncovered a campaign that used search engine optimization (SEO) poisoning to lead victims to download the BATLOADER malware for the initial… Source link

Read More »

SEO Poisoning: The New Normal Brings New Threats

SEO Poisoning: The New Normal Brings New Threats

We all know how difficult it is to keep pace with cybersecurity trends and threats. Cryptojacking, DDoS attacks, ransomware, backdoors, SQL injection, phishing, malware… the list is extensive, and this handful of examples barely penetrates the surface. Unfortunately, recognizing the attack vectors of today and staying vigilant has never been more important. The number of data breaches in 2021 has already soared past the figure recorded last year, even though attackers were able to ride… Source link

Read More »