CyberNews Briefs

100,000 Google Sites Used to Install SolarMarket RAT

Hackers are currently utilizing search engine optimization (SEO) tactics to direct users seeking common business forums such as invoices, receipts, or other templates to redirect them to hacker-controlled domains. According to eSentire’s Threat Response Unit, attackers are currently in possession of more than 100,000 malicious Google sites that seem legitimate but rather install a remote access trojan used to gain a foothold on a network. The attackers typically then infect systems with ransomware and credential-stealers to launch further attacks.

ESentire details how legions of unique, malicious web pages are impersonating popular businesses and using SEO tactics to appear in the first few pages of a Google search term, therefore attracting more victims. The pages include businesses-related keywords such as template, invoice, receipt, questionnaire, and resume, according to a report published by eSentire on Wednesday. This tactic is becoming increasingly common, according to the publication.

Read More: 100,000 Google Sites Used to Install SolarMarket RAT

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.