Current category:Malware

Search Engine Poisoning

Another day, another acronym to remember. This one is important, though, as the prevalence of SEP is on the increase.

Security firm Imperva released a report on search engine poisoning, which, in summary, is a manipulation of search engine result, often using black-hat SEO techniques, to display results that contain references to malware delivering sites – which might either spoof a user to download malicious files, or use so-called drive-by techniques to instigate a download on poorly configured systems.

The report suggests various techniques can be used in the SEP attack, including:

  1. Taking control of well-known, but poorly secured web properties
  2. Using sponsored links (ads) to reference malicious sites
  3. HTML Injection techniques

The report contains a handy info graphic that defines the anatomy of search engine poisoning, from start to finish.

GD Star Rating

About Justin Bellinger

Justin is an experienced software professional, having worked in software and software security for nearly 20 years. Justin is VP of Security Products at SPAMfighter.
This entry was posted in Malware and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *