SEO poisoning

SEO poisoning is a method used by cyberattackers to position malicious websites in the best search engine results. The practice consists in using in the semantic body of the website, keywords, or expressions regularly used by Internet users to carry out their searches.

In a recent article published on SEKOIA.IO CTI blog, our Threat & Detection Research team has unveiled the vast infrastructure used by threat actors to distribute infostealers such as :

  • Raccoon Stealer,
  • Mars stealer, Vidar,
  • Aurora Stealer via pirated software installers

This infrastructure composed of more than 250 domains is made visible to victims through the use of SEO poisoning. They also use Google Ad campaigns or publications in legitimate community spaces.

For more information, click here:

You can read other content on our glossary: