Malware, Threat Intelligence

Microsoft IIS servers targeted for malware deployment


Microsoft Internet Information Services (IIS) servers belonging to government, education, technology, and telecommunications organizations in India, Japan, South Korea, Thailand, Vietnam, Singapore, Taiwan, the Philippines, and Brazil are being compromised with the BadIIS malware as part of a search engine optimization manipulation attack campaign, The Hacker News reports.

Attacks — which are believed to have been conducted by Group 9-linked Chinese hacking operation DragonRank — involved payloads with SEO fraud and malicious JavaScript code injections resembling those utilized by Group 11, according to an analysis from Trend Micro. Researchers noted that the BadIIS malware leveraged in the new campaign facilitated the monitoring of the 'User Agent' and 'Referer' fields in the HTTP response header received from the web server. "If these fields contain specific search portal sites or keywords, BadIIS redirects the user to a page associated with an online illegal gambling site instead of a legitimate web page," researchers added. Such findings follow a Silent Push report detailing infrastructure laundering performed by the China-based Funnull content delivery network.

