Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Active SEO poisoning attacks for hot topics InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Active SEO poisoning attacks for hot topics

Published: 2010-01-27
Last Updated: 2010-01-27 23:24:06 UTC
by Raul Siles (Version: 1)
2 comment(s)

In the past we have already covered how attackers are using SEO (Search Engine Optimization) poisoning techniques to modify the results obtained from search engines, mainly Google, to point to malicious web sites or accomplish other malicious activities, for example, vishing attacks or IFRAME SEO attacks.

Recently we got details about two active SEO poisoning attacks for two specific hot topics:

The related search terms for these two hot topics in Google are returning top results pointing to sites that distribute malware.

Apart from the common defense-in-depth practices regarding client and end point protection, one of the best recommendations is to demonstrate this type of attack on your security awareness programs, so that users do not blindly trust any output they get from search engines.

--
Raul Siles (www.raulsiles.com)
Taddong is comming soon...

Keywords: apple Facebook SEO
2 comment(s)
Diary Archives