Not everything you search for on the Internet results in what you expected. Search Engine Optimization (SEO) manipulation and hacks are not new but recently have a new meaning. When you search for anything on the Internet, your search engine provider (Google, Bing, Yahoo, etc.) will serve ad-supported results first. Then it will list results based on a complex algorithm that highly relies on SEO technology. SEO is a process used in website development to make it better for search engines. It increases the probability of your website reaching the top of search results. Criminals also found ways to hack their way into search engine ad algorithms. But none of it is new.
Now, hackers are packaging malware into the application for major social media and messaging platforms into the bundled services and raising it to the top of search results. WhatsUp, Twitter, and Facebook are the most popular. Here is how it works. Hackers create a website that promotes a social media or messaging "client on steroids," promising extended functionality or all-in-one solutions. Then paying for or hacking ads engine or manipulating with SEO, or sometimes both, they promote their website to the top of the search result list. If you are searching for a WhatsUp client and not paying attention to the results displayed, you may choose the attacker's website and download malware instead. Your browser will label ads appropriately, but remember, anyone can pay for an ad, even criminals.
Takeaway
- Visit the source website for any download.
- Skim through the first few search results, especially any that have an "ad" symbol.
- Pay attention to domain names. Look for outliers.
- misspelled domains
- "chained" domain names (i.e., whatsup-messanger[.]com or whatsup-download[.]com
- Use privacy-centric search tools (i.e., DuckDuckGo) to bypass ad-driven result.
Hacks around social media and messaging platforms are becoming a primary focus for criminals. Make sure you are extra vigilant when using these platforms.
------------------------------
Genady Vishnevetsky
Chief Info Security Officer
Stewart Title Guaranty Company
Houston TX
------------------------------