Poisoned search results: Automated SEO poisoning attacks to distribute malware
This paper describes recent research by SophosLabs into how attackers are using blackhat Search Engine Optimisation (SEO) techniques to stuff legitimate websites with content designed to rank highly in search engine results, yet redirect users to malicious sites. These websites are being used to distribute rogue security products (also known as “scareware” or “fake
antivirus”)onto users' computers.
Sophos researchers have analysed the malicious SEO kits used by hackers to create networks of thousands of crosslinked pages containing searchfriendly content on hottrending topics, hosted on compromised, legitimate websites.