Cybercriminals are increasingly employing sophisticated blackhat SEO tactics to hack websites, specifically targeting online casinos. This campaign involves injecting spam content into compromised websites, primarily those running WordPress. By exploiting vulnerabilities, attackers create duplicate directories with spam-filled landing pages that redirect visitors to undesired casino websites. This practice is particularly prevalent in regions with strict gambling regulations.
Sucuri security researchers have identified a sophisticated variant of this malware, which incorporates layers of redundancy to evade detection. The malicious code is hidden within both the theme and plugin files, using deceptive names in the WordPress database to maintain persistence. By manipulating database entries and employing methods such as retrieving a base64-encoded payload, the malware executes without detection, ensuring it remains functional even if discovered. This demonstrates the advanced techniques used in SEO spam campaigns.
👉 Pročitaj original: Cyber Security News
