WaterHole Attacks – Compromised Websites

Estimated Reading Time: 3 minutes

Instances of large-scale compromises of both private industry and public institutions in 2013 prompted a flurry of activity among security researchers to identify emerging and established threats. Commonly identified as Advance Persistent Threats (APTs), this phenomenon is expected to continue well into the foreseeable future. Fundamental to the spread of these threats is one of their foremost methods of propagation – a water hole attack.

Anatomy of a Modern Compromised Website

Estimated Reading Time: 5 minutes In the security community, little attention is paid to compromised websites that don’t serve up malware. The malicious URL lists maintained by the anti-virus companies, by Google, and by nearly every other source of malicious URLs rely on anti-virus to trigger on exploits and malware to determine if a site is malicious. In a few select cases, behavioral analysis may be used to determine if a visit to a website will lead to an infected computer.

Japanese Hosting Site Compromised

Estimated Reading Time: < 1 minute zveloLABS™ is today warning users to be wary of sites hosted on g0oo.info, a Japanese hosting site.  At this time, all blogs and other web sites hosted by g0oo.info are compromised and currently being used to boost the Google PageRank of various sites including Japanese pornography sites in a technique sometimes called “PageRank Bombing” and also referred to as “BlackHat SEO.”