60+ Compromised Sites with SEO Poisoning
February 25th, 2010 admin
Topics:
More than 60 websites have been found to be hotbeds for SEO poisoning. Each of these domains host hundreds of possible matches for search keys. Also, the topics in one domain overlap with that of the other domain, thus making it possible that they will both emerge in the search results. Topics range from the Winter Olympics Luge Crash to the death of Alexander McQueen and even to NASCAR Schedule. When an unsuspecting user happens to input a particular search key that matches one of those being served…
Related Posts
Another day, another news, and well… another SEO poisoning stint. Using PDF files in SEO poisoning is a bit recent, but not exactly fresh news. So we were thinking of just adding the malicious URLs to our Browsing Protection and creating detections for the corresponding files… Then, we saw something: Ok, could be one time thing, so we...
As the winter Olympics begin, the Department of Homeland Security has disclosed that it will be monitoring the comments and posts on several websites and social media outlets like Twitter,The Drudge Report, The Blotter and others for information on possible terror threats. The National Operations Center of DHS will watch the web for information, according...
Lt. Gen. Keith Alexander, the current Director of NSA, has been nominated to head the US Cyber Command. Last week Alexander appeared before the Senate Armed Services Committee to answer questions. The Chairman of the Armed Services Committee, Senator Carl Levin (D Michigan) began by posing three scenarios to Lieutenant General Alexander: Scenario...
Last year I blogged about Shodan , and today thanks to Team Cymru I learned of the latest evolution of Intrusion as a Service. It’s called the Vulnerable Sites Database . According to the site, to be listed as a vulnerable site a submitter must provide “1. site name 2. vulnerability or JPG proof.” This reminds me of a Web defacement...
Over the weekend, our lab stumbled upon a spambot application that capitalizes on Chuck Norris’ popularity to boost a particular site’s search engine ranking via spamdexing. It is used to poison search results and tricks the search engine into ranking a site high in the search result list. The spambot installer, which is detected as Application:W32/Spambot.A...
The 2010 FIFA World Cup starts today in South Africa. Four years ago, in 2006, we were on the lookout for football themed malware . Here’s one example of a football themed e-mail worm . Today, in 2010, we’re more likely to see Search Engine Optimization (SEO) attacks as folks search for news and information on the matches and players....
A day after the disaster that struck the Caribbean nation of Haiti, Rogue perpetrators have once again been busy with their SEO poisoning schemes. Searching for terms related to this earthquake leads to a website that installs a Rogue into the system. It happens when an unsuspecting user searches for Haiti Earthquake details. Happily clicking the...
Just when we thought SEO using Flash was as interesting as SEO poisoning can get, it seems it’s getting even sneakier… Imagine a PDF file posted by someone evil online. Of course, Google being Google, the file is recognized as a PDF. And when we open it, it really is a PDF. No evil codes inside, just a good old vanilla PDF file. Three...
Just a quick note – the sudden death of Hollywood celebrity Brittany Murphy last Sunday (BBC report here ) has prompted a spike in searches on the subject – and of course, an SEO attack. Users who click on a poisoned search result link will be redirected to a website that will display a scare message trying to panic users into downloading...
It seems that rogue peddlers have gotten tired of their old tricks in pushing rogueware into the user’s system. It used to be a fake scanning page, that leads to a warning, then a fake AV. Now, it comes as the Firefox “Just Updated” page. You know that page that instantaneously appears right after you update your Firefox browser?...
Related Tweets from Twitter
Related News from Digg
Leave a comment
| Trackback
