SEARCH RESULTS
 
Showing 1-10 of 39 records
 
Expand article

The Continuing .Gov Blackhat SEO Campaign - Part Two

The Article has images
2008-02-25 08:42:20 by HASH0x8b54014 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SEOers are actively experimenting with embedding their content on high pagerank sites, such as .govs , the numerous campaigns , one of which was by the way serving malware , indicate that injection the content through remote file inclussion or remotely exploitable web application vulnerabilities is an emerging trend that deserves to be...
 
Tags: seo content, invisible seo content, pages, seo pages, content, military affairs, homecare, gov, national homecare council
 
 
 
 
Expand article

Blackhat SEO Campaign at The Millennium Challenge Corporation

The Article has images
2008-05-07 03:57:19 by HASH0x8ae4918 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SEO campaign that has managed to inject and locally host 1,370 pharmaceutical pages, is the Millennium Challenge Corporation ( mcc.gov ) - a United States Government corporation designed to work with some of the poorest countries in the world The injected pages are loading remote images from what looks like a secondary compromised site, in...
 
Tags: images, images ttv-bit, sites, page rank-ed sites, ttv-bit, spam pages, spam, campaign, pages
 
 
 
 
Expand article

Massive Blackhat SEO Targeting Blogspot

The Article has images
2008-02-17 22:53:13 by HASH0x8ad5e0c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SEO-ers into the efficient registration and posting of junk content with the idea to monetize the traffic that will come from the process, seems to continue evolving as a process. In this specific case, we have firesearch.sc (64.111.196.120; 64.111.197.88) a blackhat SEO links farm that's visualized in the attached screenshot, and several...
 
Tags: blogspot, blogspot accounts directly, entire operation, operation, content, blogs, sample blogs, firesearch, real-time content
 
 
 
 
Expand article

Massive IFRAME SEO Poisoning Attack Continuing

The Article has images
2008-03-27 21:12:29 by HASH0x8b4fa7c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SEO poisoning, as without it the input validation and injecting the IFRAMEs would have never been able to attract traffic at the first place The attack is now continuing, starting two weeks ago, the main IPs behind the IFRAMES are still active, new pieces of malware and rogue software is introduced hosting for which is still courtesy of the...
 
Tags: massive, single massive seo, profile sites, profile sites iframe, attack, seo, malware, malware attack, massive blackhat seo
 
 
 
 
Expand article

UNICEF Too IFRAME Injected and SEO Poisoned

The Article has images
2008-04-01 07:42:20 by HASH0x8b227b4 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SEO poisoning , is UNICEF's official site. In fact the campaign is so successful, where successful means that each and every poisoned result loads the injected IFRAME using UNICEF.org as a doorway to pharmaceutical spam and scams, that one of the most prolific domains within the IFRAMES ( highjar.info ) is already returning " Bandwidth Limit...
 
Tags: seo, unicef, easy seo, site, site owner, iframe, unicef effect, massive seo, campaign
 
 
 
 
Expand article

Blackhat SEO Redirects to Malware and Rogue Software

The Article has images
2008-06-05 07:59:47 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SEO farm with built-in redirection to a multitude of sites serving rogue codecs (Zlob malware variants) and fake security software phoning back to UkrTeleGroup Ltd's network - could it get even more interesting? Of course, as the current state of Zlob malware serving tactics can be seperated in two distinct groups, those abusing the "sort of"...
 
Tags: sites, profile sites, multimedia sites, codec sites, zlob variants, zlob, zlob malware variants, rogue codec sites, domains
 
 
 
 
Expand article

The Invisible Blackhat SEO Campaign

The Article has images
2008-01-08 17:23:47 by HASH0x84733a0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SEO campaign, and despite that "Fresh Afield's" blog ( blogs.mdc.mo.gov ) is now clean, cached copies confirm the existence of hidden links that were embedded on each and every post on it, apparently due to a compromise. The blackhat SEO links invisible embedded within the blog's posts on the other hand point to a compromised account at the...
 
Tags: blackhat seo campaign, campaign, gov url, mdc, blackhat seo pages, blogs, gov, copies confirm, fresh afield
 
 
 
 
Expand article

Visualizing a SEO Links Farm

The Article has images
2008-02-13 10:18:26 by HASH0x8b1b484 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SEO tools, where the level of internal linking has been set a relatively modest one, as for instance, the core pages extensively link one another, but a huge proportion of the SEO content remains burried in a number of hops a crawler may not be interested in making - this could be automatically taken care of in the process of generating the...
 
Tags: seo content remains, content, blackhat seo tools, huge proportion, month ago, crawler, visualization, care, issue
 
 
 
 
Expand article

The Continuing .Gov Blackat SEO Campaign

The Article has images
2008-02-18 15:23:38 by HASH0x8bf8e28 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SEO content into .gov domains , once the pages are up and running, they get actively advertised across the Web, again automatically. While bridger-mt.gov responds to 72.22.69.184 , the subdomain freeporn.eee.bridger-mt.gov is pointing to another netblock, in this case 66.49.238.80 , exactly the same approach was used in a previous such...
 
Tags: gov, pages, gov domains, bridger, gov responds, bridger-mt, cobb county government, freeporn, subdomain freeporn