Attackers could remotely control the rankings of the compromised sites and redirect targets to phishing pages
The underground market platform Hacklink has been fueling the increase in SEO poisoning attacks in Google Search results, with the gambling sector particularly targeted.
Hackread reports that threat actors have been leveraging Hacklink to covertly inject malicious code matching often-searched keywords into breached websites in a bid to manipulate Google Search results, according to an analysis from Netcraft.
With Hacklink enabling dynamic text manipulation in search results, attackers could not only remotely control the rankings of the compromised sites in search results without site supervision but also redirect targets to phishing pages masquerading as legitimate websites.
Such a threat should prompt immediate patching efforts, admin panel security upgrades, and regular file modification tracking among organisations. Meanwhile, site owners were urged to review search results for their domains, audit their sites for unauthorised outbound links, and monitor domain reputation. Users, on the other hand, were advised to properly verify URLs before providing personal or financial data.
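One way a site owner could run the outbound link audit recommended above, shown as an added example (not code from Netcraft, Hackread or this article). The site host `example.org`, the allowlist, the list of hiding-style hints and the sample HTML are assumptions constructed for the illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: inline-style fragments often used to hide injected links from visitors.
HIDING_HINTS = ("display:none", "visibility:hidden", "font-size:0", "left:-9999")
VOID_TAGS = {"area", "base", "br", "col", "embed", "hr", "img", "input",
             "link", "meta", "source", "track", "wbr"}

class OutboundLinkAuditor(HTMLParser):
    """Collect <a href> targets that are off-site and not on the allowlist."""
    def __init__(self, site_host, allowed_hosts=()):
        super().__init__()
        self.trusted = {site_host.lower(), *(h.lower() for h in allowed_hosts)}
        self.open_tags = []  # stack of (tag, hidden_by_inline_style)
        self.findings = []   # (host, url, hidden) per unexpected link

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        style = (attrs.get("style") or "").replace(" ", "").lower()
        hidden = any(hint in style for hint in HIDING_HINTS)
        inherited = hidden or any(h for _, h in self.open_tags)
        if tag == "a" and attrs.get("href"):
            try:
                host = (urlparse(attrs["href"]).hostname or "").lower()
            except ValueError:  # malformed URL: report it rather than skip it
                host = "<unparseable>"
            # Relative links have no host; trusted hosts and their subdomains pass.
            if host and not any(host == t or host.endswith("." + t) for t in self.trusted):
                self.findings.append((host, attrs["href"], inherited))
        if tag not in VOID_TAGS:
            self.open_tags.append((tag, hidden))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag, tolerating unclosed children.
        for i in range(len(self.open_tags) - 1, -1, -1):
            if self.open_tags[i][0] == tag:
                del self.open_tags[i:]
                break

def audit_page(html, site_host, allowed_hosts=()):
    auditor = OutboundLinkAuditor(site_host, allowed_hosts)
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample page for a site at example.org (not from a real incident).
SAMPLE = """<p>Contact <a href="/about">us</a>, see <a href="https://cdn.example.net/d">docs</a>.<br></p>
<div style="display: none"><a href="https://casino-bonus.example/win">slots bonus</a></div>
<footer><a href="https://unknown-partner.example/">partner</a></footer>"""
```

Calling `audit_page(SAMPLE, "example.org", ["example.net"])` returns one tuple per unexpected link; the third field is true when the link or an ancestor element is hidden by inline style, which makes it the first one to investigate.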
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.