MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.


BlackHat SEO Campaign for the thirtieth anniversary of PAC-MAN

Recently, the legendary video game PAC-MAN has completed 30 years of existence and Google has launched a campaign in his honor by placing a banner that allows even play.

However, Google not only benefits from this but also cyber-criminals, who saw in this campaign a new opportunity to attack and have launched another campaign, but the spread of malware through BlackHat SEO (also called SEO Poisoning).

Some other search parameters may include:

pac man 30th anniversary game
pac man 30th anniversary games
pac man 30th anniversary google
pac man 30th anniversary high score
pac man 30th anniversary play
pacman free online 3d
pacman free online addicting games
pacman free online download
pacman free online game for kids
pacman free online game
pacman free online no sound
pacman free online play
pacman free online with no sound
pacman game download
pacman game flash
pacman game for kids
pacman game for wii
pacman game free download
pacman game full screen

Traffic redirected to the download of scareware. In this case, a binary md5 4c9ac21a2730a5e6d8c8018afb517d5e which has a very low detection rate: 6/41 (14.63%).

Among the domains that involves the campaign are:

To achieve massify the campaign and get a good PageRank in Google, criminals violated a server hosted on a list of web pages with the titles which make up words that are the subject of regular search. These files are located in a hidden folder, often called the ".files"

Under this scenario, taking into account that these strategies are widely used for the propagation of malware, a good practice is to verify at the root of posting the existence of hidden folders.

Related information
Estrategia BlackHat SEO propuesta por Waledac
Malware propagation through blogging sites format and BlackHat SEO
Campaña de propagación del scareware MalwareRemovalBot

0 comentarios:

Post a Comment