ESET researchers have revealed a professional group of Chinese electronic crimes that treat search engines (SEO) to enhance traffic on gambling sites.
The bad actor, called Ghostredirector by ESET, may be at least at least 65 Windows server in Brazil, Thailand and Vietnam. Researchers claim that the group uses two dedicated tools: it is a negative C ++ inheritance that they called Rungan, and the IIS Malver Internet Information Services Unit (IIS) called Gamshen.
Rungan can carry out orders on a speaker at risk, while GAMSAN can perform SEO search engines to process the search engine results. This can enhance the page classification of the website, which the crime group uses to increase traffic to gambling sites.
Although he can only adjust responses from Googlebot, it will not affect ordinary site visitors, the use of this tool can harm the reputation of the long -term host web sites.
Researchers have found a series of other custom tools used by Ghostredirector, as well as some familiar names in the world of electronic crime, such as EFSpotato and Badpotato. It is believed that this is used as a backup if it should fail runan, or to attack servers with higher security privileges.
“We believe in medium confidence that the representative of the threat that allied China was behind these attacks,” he says, “He says,” He says. Statement from ESET.
How to protect against electronic crime tools
To protect from such tools, ESET recommends a guarantee that institutions use customized accounts, strong passwords, and multiple agents whenever possible. These steps are especially important for IIS server officials.
This is because ghostredirector and Other internet criminals Not only can IIS tools be published on reasonable servants already. Preventing them from reaching them primarily protects from customized malware such as Rungan, and thus Gamshen.
ESET also recommends that officials should ensure that the original IIS units can be installed only from reliable sources and is signed by a reliable provider, and it perfectly requires two parties to successful installation.
Distinguished Image: Unsplash
Pamphlet A group of Chinese professional internet crimes manipulates SEO to increase gambling sites First appear on reading.
[og_img]
Source link