The black hat SEO cluster called DragonRank is targeting various countries in Asia and Europe, exploiting vulnerabilities to manipulate search engine rankings and facilitate SEO fraud.
DragonRank exploits targets' web application services to deploy a web shell, collecting system information and launching malware like PlugX and BadIIS, thus executing credential-harvesting.
Investigations revealed IIS malware is versatile, used in SEO fraud to alter search engine algorithms and elevate the status of third-party websites exploited by attackers.
The latest attacks revealed by Talos affected multiple industries, including healthcare, media, and transportation, by utilizing known security flaws to perpetrate wide-ranging cybercrimes.
[
Collection
]
[
|
...
]