WordPress Targeted with Clever SEO Injection Malware
#1
Quote:A clever malware built for SEO injection – where a black hat loads up a webpage with spammy links, redirects and ad keywords, unbeknownst to the site owner – has been seen evading detection with an innovative approach that involves appending itself in an unusual place in the back-end code of a WordPress site.

Researchers at Sucuri have seen the malware crop up in two unrelated sites recently, targeting both English- and Korean-speaking searchers who are looking for various “free” downloads.

Upon analysis, the researchers discovered that the malware has two functions. First, it can add hidden links for indexing by search engines (a process that usually violates search engine terms of service and could result in blacklisting of the site); and secondly, it can redirect site visitors to spam content. The latter function is more advanced than usual, because it only redirects unregistered site users (presumably one-time visitors who wouldn’t flag the issue to the webmaster). And, it redirects visitors to certain pages based on their profile.

So, malefactors can inject SEO terms – hidden from site users – into the web page’s code, which will be indexed and move the site up in the search engine results. That improves the exposure for the true purpose of the campaign, which is to redirect visitors to sketchy external sites, which could be carrying out ad fraud or serving malware, among other things.

Source: https://threatpost.com/wordpress-seo-inj...re/140055/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Messages In This Thread
WordPress Targeted with Clever SEO Injection Malware - by silversurfer - 19 December 18, 13:26

Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>