Network Security

Black-Hat uses SQL injection to your site to boost their SEO ranking

Illicit web sites selling everything from drugs and adult content to counterfeit goods are boosting their SEO rankings by using illegally created referral links from legitimate websites, Amichai Shulman, co-founder and CTO of Imperva told SC MagazineUK.com.

Shulman explained that the company had identified more than 700 host IP addresses used by a botnet to launch SQLi and HTML link injection as well as comment spam attacks on vulnerable websites to create hidden links back to their clients' websites. So instead of using the technique to steal data, it was used to insert data, in a 'crime-as-a-service' operation offered to dodgey web sites.

“It's not a victimless crime,” Shulman told SC, adding, “Over the longer term the Google ranking of the victim site goes down as a result of this [manipulation of SEO ranking]."  A lot of sites need to be hit, hence the use of a botnet to send out the attacks.  The ‘link farms' can be made up of content and links, and in some cases the links go via intermediary referral sites.

Shulman adds, “Its a serous threat but its easy to mitigate – ye so many applications don't bother.  They think hacking is something so complex that there's nothing they can do, but often its not about winning a big battle, but taking simple actions.  And smaller companies often think they can't afford to defend themselves, but for a small app the costs can start from about US$ 50 per month. They are only being attacked because they decided to do nothing.”

Another issue is that the sites affected have proven themselves to be vulnerable to attack and thus the criminals could use this gateway attack to identify future victims and chose to come back and steal or change data at another time.

Details of how Imperva discovered the attack are detailed in its Hacker Intelligence Initiative (HII) Report entitled: Black Hat SEO: A Detailed Analysis of Illegal SEO Tactics.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds