Compromised websites are a common attack vector for Malicious Cyber Actors, as there are often multiple vulnerabilities which are easily exploited.  Compromised websites are a common attack vector used by threat actors to serve any number of threats – malware, viruses, phishing, ransomware, etc.

WaterHole Attacks – Compromised Websites

Instances of large-scale compromises of both private industry and public institutions in 2013 prompted a flurry of activity among security researchers to identify emerging and established threats. Commonly identified as Advance Persistent Threats (APTs), this phenomenon is expected to continue well into the foreseeable future. Fundamental to the spread of these threats is one of their foremost methods of propagation – a water hole attack.

Japanese Hosting Site Compromised

zveloLABS™ is today warning users to be wary of sites hosted on g0oo.info, a Japanese hosting site.  At this time, all blogs and other web sites hosted by g0oo.info are compromised and currently being used to boost the Google PageRank of various sites including Japanese pornography sites in a technique sometimes called “PageRank Bombing” and also referred to as “BlackHat SEO.”