Hackers are always eager to stay one step ahead of their victims. As internet users become more alert to the threat of phishing attacks, so attackers are dressing up their malware dumps in more imaginative ways. Their latest ploy is to use SEO to position bogus links at the top of the Google search engine menu, in order to lure traffic to their phoney website. Once the victim is ensnared, the attackers release their Zeus Panda banking Trojan.
While SEO poisoning is nothing new, researchers at Cisco have identified that this is the first time it has been used to distribute malware on a grand scale. If the user clicks on the Enable tab, the malware is activated.
The key to the success of this exploit is the deployment of commonly-used financial keywords to lure innocent punters onto malware infested sites. Furthermore, the Zeus Panda Trojan contains features that make detection more difficult and time consuming.