Malware, Threat Intelligence

Microsoft IIS servers targeted for malware deployment


Microsoft Internet Information Services servers belonging to the government, education, technology, and telecommunications sectors in India, Japan, South Korea, Thailand, Vietnam, Singapore, Taiwan, the Philippines, and Brazil are being compromised with the BadIIS malware as part of a search engine optimization manipulation attack campaign, The Hacker News reports.

Attacks — which are believed to have been conducted by Group 9-linked Chinese hacking operation DragonRank — involved payloads with SEO fraud and malicious JavaScript code injections resembling those utilized by Group 11, according to an analysis from Trend Micro. Researchers noted that the BadIIS malware leveraged in the new campaign facilitated the monitoring of the 'User Agent' and 'Referer' fields in the HTTP response header received from the web server. "If these fields contain specific search portal sites or keywords, BadIIS redirects the user to a page associated with an online illegal gambling site instead of a legitimate web page," researchers added. Such findings follow a Silent Push report detailing infrastructure laundering performed by the China-based Funnull content delivery network.
