{"id":54672,"date":"2024-09-06T09:07:10","date_gmt":"2024-09-06T09:07:10","guid":{"rendered":"https:\/\/bocau.com.vn\/?p=54672"},"modified":"2024-09-06T09:11:00","modified_gmt":"2024-09-06T09:11:00","slug":"tin-tac-dang-tan-cong-nguoi-dung-thong-qua-ket-qua-tim-kiem-google","status":"publish","type":"post","link":"https:\/\/bocau.com.vn\/en\/tin-tac-dang-tan-cong-nguoi-dung-thong-qua-ket-qua-tim-kiem-google\/","title":{"rendered":"Hackers are attacking users through Google search results"},"content":{"rendered":"

 Security experts from Palo Alto Networks has discovered a campaign new attack, in which hackers use tricks sophisticated to spread malicious code through search results on Google.<\/p>\n\n\n\n

Fatal flaw in the network, causing hackers to attack users\u201cUnique way\u201d of the new files that user email trap<\/p>\n\n\n\n

\"\"
Photo illustration<\/em><\/figcaption><\/figure>\n\n\n\n

According to the report of the security division network Unit 42 of Palo Alto Networks, the hackers have tampered software VPN GlobalProtect, placing ads on Google Search to entice users to visit the malicious website.<\/p>\n\n\n\n

WikiLoader can download the additional load, stolen information and provide attackers remote access. The download for this rental has been active since at least the end of 2022 and has been updated with \u201ca number of unique tricks\u201d.<\/p>\n\n\n\n

The researchers believe that these guys brokers visit original the threat experts find a way to access computer systems are shifting from deceptive to perform attacks via poisoned SEO (optimized search engine).<\/p>\n\n\n\n

Poison SEO means is the site of the attack control will appear on the first page of search results instead of the legitimate product. Hackers try to make this by buying ads, or to improve page rank.<\/p>\n\n\n\n

Researchers in Palo Alto warned that the poison SEO will expand the range of potential victims and have observed a number of organizations in the field of education, university and transport of the United States affected by WikiLoader.<\/p>\n\n\n\n

\u201cAlthough SEO poisoning is not a new technique, but it is still an effective way to deliver a load to a point at one end. The fake security software can reliably help bypass measures to control the end point in the organization based on the allowed list based on the name of the file,\u201d the report of Unit 42 said.<\/p>\n\n\n\n

\"\"
Malicious ads are active on Google Search.<\/em><\/figcaption><\/figure>\n\n\n\n

Proofpoint have previously reported that the attackers had used WikiLoader to distribute the trojan bank as Danabot or Ursnif\/Gozi to the organization in Italy.<\/p>\n\n\n\n

The attackers have used many tricks to avoid detection. The sample file obtained from the victim, whose name is GlobalProtect64. However, it is the copy is the name of an app that trades stock legally be used to load components WikiLoader first. The zip file contains more than 400 files offline.<\/p>\n\n\n\n

To prevent victims wonder why GlobalProtect is not installed, the malware will display fake error messages saying that the DLL is missing after the infectious process is complete.<\/p>\n\n\n\n

The legitimate software was changed to another name, such as tool Microsoft Sysinternals ADInsight.exe was hidden inside the installer to download the door.<\/p>\n\n\n\n

The expert recommends that users need to be cautious when downloading software from the internet, especially from the search results on Google. Please always carefully check the origin and authenticity of the website before you download any files whatsoever.<\/p>\n\n\n\n

Source: laodongthudo.vn<\/em><\/p>","protected":false},"excerpt":{"rendered":"

 C\u00e1c chuy\u00ean gia b\u1ea3o m\u1eadt t\u1eeb Palo Alto Networks v\u1eeba ph\u00e1t hi\u1ec7n m\u1ed9t chi\u1ebfn d\u1ecbch t\u1ea5n c\u00f4ng m\u1edbi, trong \u0111\u00f3 tin t\u1eb7c s\u1eed d\u1ee5ng th\u1ee7 \u0111o\u1ea1n tinh vi \u0111\u1ec3 ph\u00e1t t\u00e1n m\u00e3 \u0111\u1ed9c th\u00f4ng qua k\u1ebft qu\u1ea3 t\u00ecm ki\u1ebfm tr\u00ean Google. L\u1ed7 h\u1ed5ng ch\u1ebft ng\u01b0\u1eddi t\u1ea1i c\u00e1c nh\u00e0 m\u1ea1ng khi\u1ebfn tin t\u1eb7c d\u1ec5 t\u1ea5n c\u00f4ng […]\n","protected":false},"author":2,"featured_media":54673,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-54672","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tin-tuc"],"_links":{"self":[{"href":"https:\/\/bocau.com.vn\/en\/wp-json\/wp\/v2\/posts\/54672","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bocau.com.vn\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bocau.com.vn\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bocau.com.vn\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/bocau.com.vn\/en\/wp-json\/wp\/v2\/comments?post=54672"}],"version-history":[{"count":4,"href":"https:\/\/bocau.com.vn\/en\/wp-json\/wp\/v2\/posts\/54672\/revisions"}],"predecessor-version":[{"id":54679,"href":"https:\/\/bocau.com.vn\/en\/wp-json\/wp\/v2\/posts\/54672\/revisions\/54679"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bocau.com.vn\/en\/wp-json\/wp\/v2\/media\/54673"}],"wp:attachment":[{"href":"https:\/\/bocau.com.vn\/en\/wp-json\/wp\/v2\/media?parent=54672"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bocau.com.vn\/en\/wp-json\/wp\/v2\/categories?post=54672"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bocau.com.vn\/en\/wp-json\/wp\/v2\/tags?post=54672"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}