The Dark Side of Trusting Web Searches: From Blackhat SEO to System Infection
This paper will explain how cybercriminals leverage blackhat SEO to compromise systems. It will share the observations regarding various sites that have been compromised and on doorway pages that have been specially crafted for use in blackhat SEO attacks. It will also identify the techniques that cybercriminals use to mask infected pages and the different payloads that the said compromised sites deliver. This paper focuses on the overall blackhat SEO-instigated infection chain and provides data on the latest SEO tool kit versions cybercriminals use today. Finally, it provides best practices that anyone who uses a search engine can adhere to in order to prevent system infections as a result of SEO poisoning and to rid infected systems of malware payloads.