Page 8 of 8 FirstFirst ... 45678
Results 71 to 73 of 73

Thread: Search Engine Poisoning - archive

  1. #71
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down SEO poisoning w/Flash for redirection

    FYI...

    SEO Poisoning sites use Flash for redirection
    - http://www.f-secure.com/weblog/archives/00001899.html
    March 4, 2010 - "... another SEO poisoning stint... Since a lot of websites use SWF, most users have already installed Flash support in their browsers, thereby also enabling support for the malware behavior... It seems that the bad guys want the malicious URLs to be hidden inside the SWF..."
    (Screenshots available at the URL above.)

    - http://techblog.avira.com/2010/03/04...ruary-2010/en/
    March 4, 2010

    Last edited by AplusWebMaster; 2010-03-05 at 01:24.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #72
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down SEO poisoning on TV show...

    FYI...

    SEO poisoning on TV show
    - http://isc.sans.org/diary.html?storyid=8383
    Last Updated: 2010-03-08 17:08:18 UTC ...(Version: 2) - "... new SEO (Search Engine Optimization) poisoning attack doing the rounds in the last 6-8 hours. We have talked about this kind of attack in the past*, although they were mainly focused on other hot technological topics, major tragedies, or events. This time, the topic to get on top of the search engines result page is a TV reality show. Specifically, there is a TV show premiere in the US tonight called "Billy the Exterminator"... The affected sites are using a drive by attack, providing victims a fake AV warning message that drives them to download a piece of malware..."
    * http://isc.sans.org/diary.html?storyid=8098

    Hackers exploit Oscars to spread scareware attack
    - http://www.sophos.com/blogs/gc/g/201...-exploit-oscar
    March 8, 2010 - "... By using SEO (search engine optimisation) techniques, hackers have created webpages that are stuffed with content which appears to be related to the 2010 Oscars, but are really designed to infect your computer..."

    Last edited by AplusWebMaster; 2010-03-08 at 19:42.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #73
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down SEO poisoning on news - Icelandic Volcano erupts

    FYI...

    Icelandic Volcano Erupts, Fake Antivirus Spews Forth
    - http://www.symantec.com/connect/blog...us-spews-forth
    March 22, 2010 - "Yesterday there was a volcanic eruption in Iceland, near the Eyjafjallajoekull glacier, that has led the Icelandic authorities to declare a state of emergency in southern Iceland. People living nearby have been evacuated in case of glacial melt water flooding and the airspace near the now active volcano is effectively closed off. As you have probably already guessed, any event which commands a high level of public interest will be pounced on quickly by the makers of fake antivirus software in order to make a quick buck. This incident is no exception. Web searches for subjects relating to this eruption, such as "Iceland Volcanic Eruption" or "Iceland Volcano", will return results that may include dozens of hacked Web sites. It is not that difficult to spot the hacked sites with the fake antivirus redirection in the search results... A reasonable rule of thumb... look for domain names that suggest content unrelated to the news being searched for. For example, if you find a Web site whose domain name suggests it is about a painter or British castles, yet it appears in the search results for a story about the volcanic eruption, it is likely that the link is bogus and should be avoided... On the subject of hacked Web sites, it appears that the crew behind this campaign has a back catalogue of hacked sites they can call up and use at very short notice. On looking closer at the hacked sites, you will find that it looks like each of them has had a few hundred randomly named PHP pages added to them. Each of these pages redirects to a single server that is changed periodically... The sites have a series of fake scan pages, which it can display at random. The fake scan pages are designed to look like application windows in various versions of Microsoft Windows and include Windows XP and Windows Vista..."

    (Screenshots available at the URL above.)

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •