MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.


Malware propagation through blogging sites format and BlackHat SEO

We have seen and mentioned at one point that the strategies used during the processes of malicious code spread more and more involved BackHat SEO techniques to achieve different vectors for access to download the file you are looking to spread malicious.

Combined with Social Engineering and domain names with high demand keywords through search engines that refer to websites with a large and massive flow of use as Rapidshare, Megaupload and other related music, games, movies, etc., make as a whole, a very effective method of propagation.

Currently it's carrying out a major propaganda campaign through websites that simulate the whole structure of blogging and use words much sought after and combined together to form the domain name to download malware using flashy BlackHat SEO techniques to achieve good search engine positioning. Among the words used are: rapidshare, megaupload, free, games, soft, warez, ftp, music, full house, pub, movies, cat, catalog, download.

Among the domains created from the combination of these words are:

freesoftcat .com (
movie-rapidshare .com
music-rapidshare .com
warez-catalog .com
games-rapidshare .com
www.downloads-rapidshare .com
www.freesoftcat .com .com .com
www.warez-catalog .com

free-full .com (
moviesrapidshare .org
musicrapidshare .org
softrapidshare .com
softrapidshare .org .com
www.musicrapidshare .org
www.softrapidshare .com

free-full-rapidshare .com ( .com

cpmusicpub .com (
ftp-warez .org
soft-rapidshare .net
www.ftp-warez .org
www.soft-rapidshare .net

free-games-rapidshare .com (
tsautah .org .com
www.soft-warez .org
www.tsautah .org

The search engine words or subjects that are part of the pages have a very powerful position, appearing, as in the example in the top positions.

From the different places a battery is discharged malware important not only in quantity but in variety. Some of the malicious files are:

SoftwareAngular.Momentum.-.Chromium.45094.exe - 2/41 (4.88%)
Keygen.OJOsoft.Total.Video.Converter.v2.6.1.0106.-.For.MKV!.exe - 24/40 (60.00%)
Setup.exe - 26/40 (65.00%)

BackHat SEO techniques present a new approach to spreading malware that malware writers don't let the side, marking a trend and effective campaign and aggressive infection difficult to control through conventional mechanisms.

Related information this Blog
Estrategia BackHat SEO propuesta por Waledac

Jorge Mieres

0 comentarios:

Post a Comment