SEO Poisoning Attacks Become More Intricate, Infect Thousands of Websites
While Internet users are anxious about the menace created by rogue anti-virus, Websense researchers say that a backdoor malcode (malicious code) has infected thousands of websites.
As said by Carl Leonard, Websense security labs manager, company's Threatseeker Network was observing that SEO poisoning threats and more blended threats are not changing daily, rather hourly, as per the news published by SCMagazine on April 30, 2010.
Leonard said that Web-based exploits are becoming more intricate with social engineering attacks, and it was experiencing more cloaked code and obfuscated algorhythms. One of these is an Internet threat that has attacked thousands of websites. It infected the websites with a code with the motive of being invisible so as to inject the rogue code into the sites.
Similarly, Sophos, another anti-virus software vendor, claimed that unethical SEO tactics are being used by cybercriminals to spread viruses, malware and Trojans. As per the latest report published by Sophos, swindlers are increasingly making use of SEO poisoning techniques to send Internet users to spiteful websites that contain malware and Trojans.
Consequently, Sophos has meticulously examined blackhat SEO kits' usage. These are used by fraudsters to automate SEO process; permitting cyber crooks to push their devious sites into public domain by promoting their Yahoo and Google search rankings easily and speedily.
For instance, cyber miscreants recently made use of the security firm McAfee's Update Glitch as bait to poison computers with malware. After a faulty anti-virus update launched by McAfee left the customers of security firm struggling to get their machines reconfigured and functioning properly, swindlers have switched to try capitalizing on the situation using SEO poisoning techniques.
Further, content scanning on Web server also helps to add a considerable layer of protection against SEO attacks, rendering exposure for scripts used in PHP backdoors and SEO kits. Such detection can warn the administrators of a possible server compromise.
» SPAMfighter News - 14-05-2010