OODA Loop – Hackers exploit websites to give them excellent SEO before deploying malware

According to Sophos researchers, cyberattackers have been using an interesting new technique: turning to search engine optimization (SEO) to deploy malware payloads to as many victims as possible. The method combines abuse of human psychology with SEO tricks to push compromised websites up in Google’s rankings, enticing more victims to click on the malicious sites.

SEO is used legitimately by companies and organizations to increase their websites’ exposure on search engines such as Google or Bing and attract more traffic. However, Sophos researchers found that threat actors are tampering with the content management systems of websites and later depositing malware, exploit tools, and ransomware onto the compromised sites. Security researchers at Sophos dubbed the technique Gootloader in a blog post published today detailing the attack method.

