Cybercriminals hack Google Looker Studio to place their malicious websites at the top of search engine results pages, promoting spam, pirated content, and torrents.
The campaign uses a technique known as SEO poisoning. This method uses a legitimate copy of the website and fills it with links to these malicious sites. In the eyes of the Google search engine algorithm, links give spam sites enough credibility for the tool to rank them highly for specific keywords.
This specific attack uses Google’s datastudio.google.com subdomain.
Fake blockbuster movie downloads
Computer It says it found multiple pages of Google search results “flooded with datastudio.google.com links,” after it was tipped off by an interested reader. The links do not lead to an actual Google Data Studio project, but rather to websites that host pirated content, such as current blockbusters (Black Adam, Black Panther: Wakanda Forever, and the like).
Before actually landing on those pages, victims will first be redirected several times as well.
SEO poisoning is a well-known method, often used by threat actors to improve the chances of malware reaching more endpoints. (Opens in a new tab).
Most of the time, SEO intoxication is used to push torrent sites to the top of Google results pages for search queries like commercial software, latest movies, or computer games. Consumers looking to save a few bucks on software and games sometimes turn to shady sites that promise cracks and activators that enable them to use products without paying for a license.
Most of the time, activators and cracks do not really work as advertised, and all they do is distribute viruses or malware. This malware is capable of wreaking all kinds of havoc, from installing cryptocurrency mining hardware, to stealing sensitive data, to spreading ransomware and rendering hardware completely useless.
Via: BleepingComputer (Opens in a new tab)