Hackers use SEO to steal bank credentials

Security researchers at Cisco Talos revealed that hackers are using new techniques to poison Google search results and to infect users with a banking Trojan called Zeus Panda.

Attackers are using SEO techniques to leverage favorable Google SERP (Search Engine Results Pages) ranking of popular sites. By adding keywords in the hacked websites, these malicious pages are then ranked at the top of the Google search results for specific and carefully chosen queries – banking and financial questions.

Once a user clicks on these pages, they find themselves on a hacked site, from where they are redirected to other pages displaying malicious ads and/or malicious documents.

The overall configuration and operation of the infrastructure used to distribute this malware was interesting as it did not rely on distribution methods that Talos regularly sees being used for the distribution of malware. This is another example of how attackers regularly refine and change their techniques and illustrates why ongoing consumption of threat intelligence is essential for ensuring that organizations remain protected against new threats over time.

Read more -here-

• NASA will start livestreaming content on Netflix later this summer
• The government's Apple antitrust lawsuit is still on
• Millions of printers open to hacks due to unpatchable security flaw
• Microsoft to retire the Blue Screen of Death for a Black Void
• Google rolls out Street View time travel to celebrate 20 years of Google Earth
• T-Mobile's satellite service officially launches in July