InfoSecurity Magazine recently published an article on the discovery of SEO poisoning on a web domain owned by the United Nations. The source of the discovery? Websense®Security Researcher Amon Sanniez. Sanniez blogged about the black hat SEO attack on May 27 – he highlighted that the sub-domain under attack was the Sustainable Energy Finance Initiative site of the United Nations. The domain appeared to be compromised by a number of medical spam-related URLs, most of which are compromised sites themselves. Branded drug names such as ‘Viagra’ and ‘Levitra’ were embedded in the code to help result in higher search engine ranking - a classic SEO poisoning tactic.. While most mainstream search engines like Google are aware of these tricks, Sanniez argues that some attacks do slip through the cracks.
"Like most black hat SEO attacks on compromised sites, the site tends to look perfectly fine, and there is no indication that the site has been compromised” –Amon Sanniez, Associate Security Researcher
Why is this significant? Remember the statistic from the Websense Security Labs™2010 Threat Report, which reports that almost 80% of cybercrime scams are on compromised legitimate web servers. Attacks are growing more and more advanced every day – and it’s getting harder for simple security software to detect them. Find out how to prevent the possibility of your organization falling victim to these attacks here.
English (US)