Microsoft Security Center Site Breached

Tuesday, July 12, 2011 @ 04:07 PM gHale

Microsoft suspended the search capability on its Safety & Security Center website after they found the results enriched with malicious links.

Search result poisoning, technically known as black hat search engine optimization (BHSEO) distributes malware or promotes spam sites. The technique involves compromising real sites and creating pages under their domain filled with popular search keywords.

Zero Tolerance: UK Cops Bust Hacker
Assault Scenario: Attackers ‘Strike’ Nukes
Charges Fly after Extortion Hack
Nuclear Weapons Plant Hacked

Attackers then use other hacked websites to link back to the pages, therefore increasing their search result standing for the targeted terms.

While the pages appear to have content to search engine crawlers, they redirect real visitors to malicious sites.

The BHSEO campaign on Microsoft’s Safety & Security Center website is a bit different, said Alex Eckelberry, general manager of security software at security solution provider, GFI.

In this case, cyber criminals created search results to search results. “In other words, blackhat SEOs are seeding illegimate search results within the Microsoft search results. Pretty tricky and impressive,” Eckelberry said.

The rogue search results on Microsoft’s Security Center led to malicious adult sites which asked users to download special codecs in order to play videos. This is an old trick used by malware distributors and in this case the codec was a piece of adware called Zugo which works as a rebranded Bing toolbar.

Leave a Reply

You must be logged in to post a comment.