It isn't easy to gain a spot on the top of Google's search results due to Google's search engine optimization (SEO) algorithm, but it looks like hackers have already figured it out — in the worst way.
Security researchers at Sophos found that old malware called Gootkit somehow conquered Google's SEO algorithm, tricking it into thinking fake sites were legitimate then causing the algorithm to bring said sites to the top of search results.
- What is a VPN, and why you should be using one
- Someone hacked into Apple and PayPal and they didn't even know it happened
- How to block a website on Google Chrome
"The example shown above belongs to a legitimate business, a neonatal medical practice based in Canada. None of the site’s legitimate content has anything to do with real estate transactions – its doctors deliver babies – and yet it is the first result to appear in a query about a very narrowly defined type of real estate agreement," Sophos states.
This will then lead people to a fake forum page, where the "admin" has a message with a link to a direct download. This definitely doesn't have any answers. Instead, there is a zip file with a filename that matches what was searched for and another file within that one with the exact same name. Double-click on that and, well, you've been duped.
According to the report spotted by TechRadar, the hacked sites with a fake forum use a well-known content management system (CMS). The hackers, or threat actors, then rewrite how the contents of the website are presented, going as far as basing it on the individual visitor's habits.
Sophos has even stated that the way Gootkit "accomplishes this task deserves some discussion, because it centres as much around technology as human psychology.” Yikes.
Gootkit, or as Sophos and other security experts are calling it, "Gootloader", has been around for the past five years, and with Sophos noting that a lot of effort has been put into the malware delivery method. Attacks, which including an array of malware payloads, have been deployed across North America, Europe and South Korea.
Always keep an eye out for malicious sites, even if they seem legitimate. If you're looking to keep safe while browsing the web, one of the best VPNs will do the trick.