A threat actor recently hijacked a vulnerable WordPress website set up by a security researcher, infecting the site to conduct a search engine optimization (SEO) attack in a potentially large-scale campaign. SEO attacks cause significant damage to a website’s operations by redirecting visitor traffic. In this case, the threat actor used brute-force cracking to access the researcher’s honeypot decoy site, then deployed malware that would redirect site visitors to any of 7,000 scam and e-commerce websites selling counterfeit products. The researcher also sounded the alarm on SEO extortion attacks, which coerce websites’ owners into paying ransom fees to reverse the damage to their search-engine rankings. SEO attacks, and extortion-based attacks in particular, place e-commerce stores at a high risk as the COVID-19 pandemic pushes holiday-season shoppers online: Fewer visitors means lost revenue.
Other content in this Stream
Weekly: Sunburst, Sunspot, and more on SolarWinds!
ShadowTalk hosts Alec, Charles, Austin, and Ivan bring you the latest in threat intelligence.
Weekly Intelligence Summary 15 January
A cyber-security firm released a free decryptor for the popular and sophisticated “DarkSide” ransomware.
Weekly: SolarWinds Updates, TicketMaster Fraud, Apex Cyber Attack, and More!
ShadowTalk hosts Stefano, Kim, Adam, and Dylan bring you the latest in threat intelligence.
Weekly Intelligence Summary 08 January
The cyber-security industry learned some valuable lessons during the unique and unprecedented year of 2020.
Weekly Intelligence Summary 23 December
The notorious Automated Vending Cart (AVC) website Joker’s Stash allegedly displayed a notification that the site was seized by law-enforcement agencies.
Weekly: SolarWinds Supply-Chain Attack Round-Up
ShadowTalk hosts Kacey, Charles, Alec, and Digital Shadows CISO Rick bring you the latest in threat intelligence.
Weekly Intelligence Summary 18 December
SolarWinds confirmed that its network management system, Orion Platform, was exploited to conduct a highly sophisticated, manual supply-chain attack.
Weekly Intelligence Summary 11 December
A global spearphishing campaign targeted organizations associated with a COVID-19 vaccine cold chain.
Weekly: Gootkit & REvil, Spam Haus Findings, and More!
ShadowTalk hosts Kacey, Charles, Alec, and Digital Shadows CISO Rick bring you the latest in threat intelligence.
Weekly: FunnyDream, Ragnar Locker on Facebook, and Egregor Ransom Notes
ShadowTalk hosts Kacey, Alec, and Charles, bring you the latest in threat intelligence.
Weekly Intelligence Summary 20 November
“CostaRicto” has become the fourth cyber-mercenary group to be discovered in 2020.
Weekly: RegretLocker, OceanLotus, Millions Seized in Cryptocurrency, and more!
ShadowTalk hosts Stefano, Kim, Dylan, and Adam bring you the latest in threat intelligence.
Weekly Intelligence Summary 13 November
The North Korean cyber-threat group “Kimsuky” has caught the attention of the US Cybersecurity and Infrastructure Security Agency (CISA), having proved itself a significant advanced persistent threat.
Weekly: SandWorm Indicted by DOJ, Darkside Has A Soft Spot, and Ryuk's Super Speedy Attack!
ShadowTalk hosts Kacey, Alec, Austin, and Digital Shadows CISO Rick bring you the latest in threat intelligence.
Weekly Intelligence Summary 23 October 2020
A ruthless, ever-evolving cyber-threat group, “FIN11”, has been discovered deploying “Clop”: ransomware that encrypts and exfiltrates data.
Weekly: Sanctions from the DOT, Fancy Bear Targets the US Government, and Foreign Spies in Disguise!
ShadowTalk hosts Kacey, Alec, Charles and Digital Shadows CISO Rick bring you the latest in threat intelligence.
Exposed Access Key Datasheet
SearchLight provides an industry-leading and scalable way to detect exposed access keys in near-real-time, complete with the context and guidance needed to effectively triage and respond.
Weekly: Law Enforcement Cracks Down On Cybercriminals, Fancy Bear Goes Phishing, And More
ShadowTalk hosts Kacey, Charles, Alec and Digital Shadows CISO Rick bring you the latest in threat intelligence.
Weekly: Ed Merrett Joins To Talk HackableYou And The Latest In Threat Intel
This week, Viktoria is joined by ShadowTalk residents Adam and Kim, and on this episode, they speak to guest Ed Merrett, founder of HackableYou, the cybersecurity podcast.
Weekly: The Team Talks Baka, Epic Manchego, and Smaug, Plus Emotet Rides Again
This week’s host Kacey is joined by Charles and Alec to bring you the latest in threat intelligence.