• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Malware Redirects 15,000 Sites in Malicious SEO Campaign

You are here: Home / General Cyber Security News / Malware Redirects 15,000 Sites in Malicious SEO Campaign
November 10, 2022

Security researchers have spotted an intriguing malware campaign designed to increase the search motor rankings of spam web-sites below the management of threat actors.

Over 15,000 WordPress and other web sites have been redirected to the spam Q&A web sites, according to Sucuri. The hackers are employing modified WordPress PHP data files and, in some situations, their own PHP information to reach the redirects, with focused internet sites on ordinary that contains 100 contaminated data files every.

The location spam web sites, of which Sucuri has so considerably located 14, have their servers hidden guiding a CloudFlare proxy.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


“The websites appear to be to be using the identical Q&A pattern and are crafted using the Issue2Solution (Q2A) open source Q&A platform. According to their website, this platform is currently powering over 24,500 internet sites in 40 languages,” the seller described.

“The attackers’ spam web pages are populated with a variety of random issues and responses identified to be scraped from other Q&A internet sites. Numerous of them have cryptocurrency and economic themes.”

Despite the fact that no destructive exercise has been detected on these spam sites as but, the actors at the rear of this campaign could “arbitrarily include malware” to them or redirect website visitors yet again to malicious 3rd-party sites, Sucuri warned.

“It’s attainable that these poor actors are simply attempting to persuade Google that actual men and women from distinctive IPs applying distinctive browsers are clicking on their search outcomes. This technique artificially sends Google signals that all those pages are carrying out perfectly in research,” the seller extra.

“If this is the case, it’s a fairly clever black hat Web optimization trick that we have almost never seen made use of in enormous hack strategies. However, its impact is questionable presented that Google will be getting heaps of ‘clicks’ on look for outcomes without any actual searches currently being carried out.”

This idea is backed by the actuality that the second degree domains of the Q&A web sites “seem to belong” to the same folks, it additional.

The marketing campaign is relatively strange in that only 13% of all Web optimization spam infections are categorized as a destructive redirect, in accordance to Sucuri.


Some pieces of this short article are sourced from:
www.infosecurity-journal.com

Previous Post: «citrix issues patches for critical flaw affecting adc and gateway Citrix Issues Patches for Critical Flaw Affecting ADC and Gateway Products
Next Post: Some 98% of Global Firms Suffer Supply Chain Breach in 2021 Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation
  • OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities
  • Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials
  • Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business
  • Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
  • Beyond Vulnerability Management – Can You CVE What I CVE?
  • Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android
  • Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
  • 38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases
  • SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

Copyright © TheCyberSecurity.News, All Rights Reserved.