Sophos Discloses SEO Corruption on Its Own Software

Researchers at Sophos reportedly had been identifying instances when search engine returns were being misappropriated for diverting Web-surfers onto malware-laden, scam or infected websites over a certain period of time; however, currently the IT security firm appears to have its own products utilized in search engine optimization (SEO) corruption.

Says Researcher Fraser Howard from Sophos, during October 2009, his co-researchers posted regarding the way the attackers exploited subjects related to education so they could ensnare teachers and students hunting online for resources or information. Infosecurity-magazine.com reported this on May 27, 2011.

The similar delicate techniques as mentioned above continue to work today, according to Howard, who adds that the very products of Sophos have become so valuable that they too are being targeted with SEO poisoning.

Howard talks of a poisoned keyword coming to his notice lately. Its inbound content disclosed Mal/SEORed-A that was identified on a website corrupted with SEO technique. This malware apparently was the creation of a new toolkit, which Sophos had been tracing.

And when the researcher saw the URL, he found that it had the search keyword "WS1000 appliance" that related to web appliance (SWA) software of Sophos.

The meaning, according to him was that an end-user hunting for details through Sophos' web appliances fortunately sat in the background of a Sophos' web appliance, facilitating the security firm for foiling the assault via stopping the first diversion onto Mal/SEORed-A. Nakedsecurity.sophos.com reported this on May 26, 2011.

Howard adds that it was thanks to them being Sophos clients already otherwise they'd have been typically victimized with scareware scams because of the diversion.

Keeping aside paradox, the above clearly demonstrates the extent of efficacy of blackhat SEO assaults.

In fact, blackhat SEO is behind more than 30% of the entire malicious programs that Sophos identified during May 20-25, 2011, Howard emphasizes.

Conclusively, the researcher suggests that to stay safe, Web-surfers require reviewing the web-links properly that appear within search engine results prior to clicking on them. Most essentially, they must make sure they've layered defenses installed complete with appropriate URL filtering and content scanning that specialize in preventing such assaults.

Related article: Spike in Attacks Causes Early Release of Windows Patch

» SPAMfighter News - 6/7/2011