Image of the Day: SEO Poisoning

Today’s Image of the Day comes from web security firm Imperva, who’ve crafted an infographic to accompany their monthly Hacker Intelligence Initiative report on search engine poisoning (SEP).

Today’s Image of the Day comes from web security firm Imperva, who’ve crafted an infographic to accompany their monthly Hacker Intelligence Initiative report on search engine poisoning (SEP).

We’ve seen before how attackers continue to poison SEO to thwart search engine algorithms. To increase their rankings with Google and other sites and redirect users to a XSS-infected site, attackers taint search results with popular terms. Attackers are showing no signs of slowing down as a report from Websense last year showed that SEO-related malware Web sites appeared in almost a quarter of all search results.

Imperva breaks down such a similar, SEO poisoning campaign below, providing a step by step analysis of a SEP attack.

SEO poisoning

Suggested articles

Top 10 Breaches and Leaky Server Screw Ups of 2019

2019 was a banner year for data exposures, with billions of people affected by cloud misconfigurations, hacks and poor security practices in general. Here’s the Threatpost Top 10 for data-breach news of the year, featuring all the low-lights.

Discussion

  • Anonymous on

    I've noticed lately you don't even need to enter a website to be affected by these attacks. Website icon files and thumbnails have become infected and are exploitable simply by inputting the wrong search. We need people to wise up about website security because I'm getting really tired (*cough cough citi cough*) of companies and individuals not properly reviewing and deploying the very real and very essential security aspects to make sure that every two year old and his pet goldfish can't hack them. I actually stopped watching most security related news over the last month because even as a base-level security student, I am severely bemused by how old a lot of these exploits and tactics truly are... I have friends and family barely past my knees who can already hack into WIFI networks because some nimrod thought a good password was the name of the business or the SSID. Hell, I've had a harder time getting into a freaking tree-fort than past adult filters and registration lockouts..!

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.