September 11, 2015 By Lucian Constantin
Hackers who compromise websites are also increasingly verifying themselves as the owners of those properties in Google's Search Console. Under certain circumstances this could allow them to remain undetected longer than they otherwise would be, researchers warn.
The Google Search Console, formerly known as the Google Webmaster Tools, is a very useful service for administrators to understand how their websites perform in search results.
In addition to providing analytics about search queries and traffic, it also allows webmasters to submit new content for crawling and to receive alerts when Google detects malware or spam issues on their websites.
Full Article
Website hackers hijack Google webmaster tools to prolong infections
Userlevel 7
+54
Userlevel 7
By Eduard Kovacs on September 14, 2015 Google Search Console, known until May 2015 as Google Webmaster Tools, has been abused by malicious actors to improve blackhat search engine optimization (SEO) techniques and hide their presence on hijacked websites.
Cybercriminals often hijack legitimate websites for the benefit of their spam and malware operations. They are also increasingly abusing legitimate webmaster tools, researchers at web security company Sucuri warned last week.
Google Search Console is useful for webmasters because it allows them to improve search result performance, and quickly identify configuration and security issues. However, the features offered by the Google webmaster tool can also be highly useful to attackers.
They can use the console to collect statistics on their campaigns (e.g. clicks, search result stats, impressions), submit sitemaps to make their spammy pages easier to find by Google and possibly pass them off as legitimate, receive notifications when their hack is detected, and unverify legitimate owners to prevent them from learning that their website has been compromised.
full article
Cybercriminals often hijack legitimate websites for the benefit of their spam and malware operations. They are also increasingly abusing legitimate webmaster tools, researchers at web security company Sucuri warned last week.
Google Search Console is useful for webmasters because it allows them to improve search result performance, and quickly identify configuration and security issues. However, the features offered by the Google webmaster tool can also be highly useful to attackers.
They can use the console to collect statistics on their campaigns (e.g. clicks, search result stats, impressions), submit sitemaps to make their spammy pages easier to find by Google and possibly pass them off as legitimate, receive notifications when their hack is detected, and unverify legitimate owners to prevent them from learning that their website has been compromised.
full article
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.