Cybercriminals are deploying search engine optimization (SEOSecurity researchers have discovered ways to promote malicious domains in Google search rankings.
According to a report by AT&T’s security team, apart from the distribution. Malware Through e-mail campaigns, the operators behind the infamous Sudinokini. ransomware They are targeting key phrases that are usually killed in Google.
There is a saying that nothing can be certain except death and taxes. In today’s cyber-threat scenario, we can add ransomware to this shortlist, “wrote Ken NG, an AT&T researcher. [our] There was an incident at the crossroads of almost consumers. And ransomware. “
SEO for cyber criminals.
Although the attack was automatically reduced by safety precautions, AT&T felt that the incident needed further investigation, as it was not immediately clear how the individual became infected.
When the researchers finally traced the aggressive domain, they found that it was different because it used HTTP, not HTTPS (a more secure protocol), and because the URL had nothing to do with the page title. Keep in mind what was developed with SEO.
The page was reportedly “extremely suspicious and sparse”, with a link to download the answer to the original search question: “Does Missouri have a mutual agreement with Kansas?”
The nature of this level of targeting is alarming (ultimately, a relatively small number of people are likely to ask this particular question) and it begs the question: how important are Sudinokbi and other cybercriminals targeting? ?
To avoid such attacks, users are advised to make sure that their devices are protected by a reputable device. Anti-virus The service is designed to clean websites that are not protected via HTTPS and to avoid downloading content from unknown sources.