Hackers use SEO to steal bank credentials2017-11-03 17:10 by Daniela
Security researchers at Cisco Talos revealed that hackers are using new techniques to poison Google search results and to infect users with a banking Trojan called Zeus Panda.
Attackers are using SEO techniques to leverage favorable Google SERP (Search Engine Results Pages) ranking of popular sites. By adding keywords in the hacked websites, these malicious pages are then ranked at the top of the Google search results for specific and carefully chosen queries – banking and financial questions.
Once a user clicks on these pages, they find themselves on a hacked site, from where they are redirected to other pages displaying malicious ads and/or malicious documents.
The overall configuration and operation of the infrastructure used to distribute this malware was interesting as it did not rely on distribution methods that Talos regularly sees being used for the distribution of malware. This is another example of how attackers regularly refine and change their techniques and illustrates why ongoing consumption of threat intelligence is essential for ensuring that organizations remain protected against new threats over time.
Read more -here-