Did you know Security Experts Issue Alert As Another Google Search Query Gets SEO Poisoned Leading To Windows Malware
Security experts are raising the alarm against another search query on
Google that comes under the tag of SEO poisoned. This means if you
search for a certain phrase or term, it will result in links that entail
Windows malware.
The news comes to us thanks to a report published by cybersecurity giant Sophos.
It detailed more about how fake forum sites pop up near the top of the
Search results when you look for something such as ‘Are cats legal in
Australia?’ When you press on this, it triggers zip file downloads
featuring malware.
Any malicious file will pop up across the web page related to fake admin posts.
Such
malware is the latest version of GootLoader that is used to add
ransomware on a victim’s machine. The same is the case for banking
trojans. It combines Scheduled Tasks with PowerShell and JavaScript
files to infect PCs.
The files feature a lot of obfuscated codes
and fake data linked to licensing. This adds a very realistic touch that
cannot be detected by those who aren’t tech-savvy. It also claims to
arise from software on Microsoft as mentioned in its JavaScript but
that’s not true.
Various versions of the malware were present for
years and they keep on infecting PCs via SEO-poisoning. The GootKit has
been present for nearly 10 years. Before, older versions used to
exploit JavaScript to carry out the attacks.
They
prep the computers for the Cobalt Strike malware payload and
ransomware. So this is clear proof that just because you find a site
located near the top of Google’s search results, don’t just assume it’s
safe. It could be malicious and filled with malware in the form of ads.
These
not only track users but also trick them into clicking or downloading
something that is far from what it actually is. Take for example the
popular DeerStealer malware that was disguised in between verified
Google ads for false authenticator applications as reported by various
top security companies.
