Banking Trojan Targets Google Search Results

DooKey

DooKey

[H]F Junkie
Joined
Apr 25, 2001
Messages
13,554
It has become common for users to use Google to find information that they do not know. In this situation, the threat actors decided to take advantage of this behavior by using Search Engine Optimization (SEO) to make their malicious links more prevalent in the search results, enabling them to target users with the Zeus Panda banking Trojan. After reading the blog, I found it pretty interesting how they did this hack. The variety of ways hackers continue to adjust to the cyber landscape is fascinating.

Attackers are constantly trying to find new ways to entice users to run malware that can be used to infect the victim's computer with various payloads. Spam, malvertising, and watering hole attacks are commonly used to target users. Talos uncovered an entire framework that is using "SERP poisoning" to target unsuspecting users and distribute the Zeus Panda banking trojan. In this case, the attackers are taking specific keyword searches and ensuring that their malicious results are displayed high in the results returned by search engines.
 
I think, unless we stop thinking of hackers as antisocial kids living in their parent's basements, and start treating them with the same respect we show engineers in more legitimate professions, we will always amazed at what they can do. We are blindsided because we think the approach is a fluke, rather than the next logical step.
 
spugm1r3 said:
I think, unless we stop thinking of hackers as antisocial kids living in their parent's basements, and start treating them with the same respect we show engineers in more legitimate professions, we will always amazed at what they can do. We are blindsided because we think the approach is a fluke, rather than the next logical step.
Click to expand...
To be fair though we show engineers too much respect. They’re a bit dumb actually.
 
spugm1r3 said:
I think, unless we stop thinking of hackers as antisocial kids living in their parent's basements, and start treating them with the same respect we show engineers in more legitimate professions, we will always amazed at what they can do. We are blindsided because we think the approach is a fluke, rather than the next logical step.
Click to expand...

name 1 person who respects engineers. We show kinds in their parent's basements far more respect.
 
Nolan7689 said:
To be fair though we show engineers too much respect. They’re a bit dumb actually.
Click to expand...

Exavior said:
name 1 person who respects engineers. We show kinds in their parent's basements far more respect.
Click to expand...

The point I'm making is that we treat these hacking events as aberrations, instead of the inevitable result of hard work and ingenuity. The result is system solutions with pivotal flaws that exist because someone didn't focus on how they would be attacked. It's the same myopic thought process that builds a wall because you don't have any planes.
 
You must log in or register to reply here.
Back
Top