Your website may be engaged in secret criminal activity
Most of us think of website hacks as illicit activities aimed at siphoning critical information or disrupting the business of website owners.
But what happens when your site becomes hacked, not for the purpose of harming you but rather to further the ends of other parties? Most likely, the attackers would manage to feed off your resources and reputation for months or years without being discovered, because it’s hard to take note of something that isn’t directly affecting you.
This is what a recent report from cybersecurity firm Imperva shows, which proves that you should harden your website not only to protect yourself, but also to protect others and prevent your online assets from being taken advantage of for illicit activities.
Piggybacking vulnerable websites for malicious purposes
Compiled by researchers at Imperva Defense Center, the report unveils a long-running blackhat SEO campaign in which hackers are exploiting vulnerabilities in thousands of legitimate websites in order to promote the search engine ranking of their clients’ websites.
The hackers are using botnets (networks of remotely hijacked computers) in order to amplify their campaigns and are using known hacking techniques such as SQL injection and comment spam in order to inconspicuously insert backlinks to their clients in the targeted websites. The attackers use CSS and HTML tricks to hide the inserted snippets from the eyes of visitors and site administrators while keeping them visible to web crawlers.
Source | techcrunch