A new hacking method used by exploiters and dark entities on the web uses SEO or search engine optimization on a company’s website before injecting deeply embedded malware to attack its systems. The malware is now identified as “Gootloader” and while the group appears to be optimizing the website, they are doing the opposite.
(Photo: screenshot from Pexels’ official website)
SEO is one of the best ways to rank a website for more searches and reach a target audience on Google search engine. This is especially true for news and current events. This is one of the most effective ways to get the word out about a website or company. This can help improve statistics and ensure visits to the website on which the products are offered.
Instead of optimizing the website and its pages, hackers have now found a way to “de-optimize” it and inject malware on well-crafted websites to fully embed the virus within the company’s systems. The tactic would not only protect the website from potential hacks and viruses, it would also confuse it with Google as it tries to trick the search engine.
Also read: Elon Musk ‘city of the starbase’: SpaceX creates massive spacecraft facility in Texas?
SEO hackers inject new malware
(Photo: Photo by Leon Neal / Getty Images)
This photo illustration outlines a woman against a projection of a password login dialog box on August 9, 2017 in London, England. In so many areas of modern life where identity verification is required, online security remains a constant concern, especially after the recent spate of global hacking.
According to Sophos News, the process of fake SEO practices being carried out on the victim’s website is known as “de-optimization” and has recently become apparent. People have been getting into SEO more lately, largely because they are trying to rank in Google’s search suggestions and early results that have come up during this pandemic season.
In addition, the hackers who originally developed the REvil ransomware for several companies that attacked their system and integrity introduced a new malware called “Gootloader” which was specially designed for SEO. The malware uses “dirty tactics” from the SEO practice and uses them as a front for its malicious actions embedded in the systems.
Initially, people would be fooled that this is actually an SEO practice and what a great website optimization and update could look like, but in reality it is not. In addition, the de-optimization process hides other malicious malware in addition to the Gootloader and can add the other Trojans of the threat actors, including the “Kronos Trojans” and the “Cobalt Strike”.
How do hackers insert malware into SEO?
(Photo: Photo by Glenn Carstens-Peters on Unsplash)
According to ZD Net and Sophos, the threat actors access the CMS platforms of various companies and access weak to average securities on the website and force access to the stolen accounts. After that, the hackers would have almost full control of the website, and that’s where it would start working to deliver the payload.
Additionally, the Bootloader and Goot Kit process is very extensive and uses 400 or more servers concurrently for the process to succeed and keep a hack in a system. The company is committed to changing how the site is viewed and targeting specific visitors who it could fall victim to with its fake SEO tactics previously noticed by Google.
Related article: LastPass Password Manager has seven trackers, according to security experts. I recommend against it
This article is owned by the Tech Times
Written by Isaiah Alonzo
Hacker, Hack, SEO, Search Engine Optimization, SEO Tactic, SEO De-Optimization, SEO Hack, SEO Hack Malware, SEO Malware, Malware, Gootloader Malware
Ⓒ 2018 TECHTIMES.com All rights reserved. Do not reproduce without permission.