A recent report by AT&T revealed that cybercriminals are using search engine optimization (SEO) tricks to insert malicious domains within Google search rankings.
Indeed, it was found out that hackers behind the Sodinokini ransomware attacks are now targeting common keyphrases used in Google search. A user unknowingly downloaded a rigged JavaScript file from a malicious domain while searching on Google. Even though the attack was mitigated automatically by the security protections, an investigation has still been launched to determine the origin of the threat.
The report also stated that using the information from the file should help find how the user got the file and what were the goals of the cybercriminals. Researchers were able to track down the malicious domain, as the hackers used HTTP and not HTTPS and the URL itself had nothing to do with the headline of the page.
In order to protect users against these kinds of attacks, the study then suggested making sure that all devices are protected by an antivirus service and not to go on websites not protected by HTTPS to avoid downloading malicious content.
