Security researcher Dancho Danchev said Friday that SEO poisoning attacks have scaled up and are attacking well known sites. Google has been filtering its results as a defense, but Danchev's latest finding brings up an interesting question: Can the defenses scale?
First, a few key points. SEO poisoning isn't new. In fact, targeted IFRAME attacks have been around for months. Danchev's point (Techmeme):
What has changed since the last time? The number and importance of the sites has increased, Google is to what looks like filtering the search results despite that the malicious parties may have successfully injected the IFRAMEs already, thus trying to undermine the campaign, new malware and fake codecs are introduced under new domain names, and a couple of newly introduced domains within the IFRAMES themselves.
These attacks are impacting ABCNews.com, News.com, Target.com, Walmart and dozes of other sites.
Danchev's findings are a must read--especially if you follow all the coding behind the scenes. But these attacks have a whack-a-mole quality to them. These attacks keep popping up and at some point you get tired of whacking them. What will be interesting to watch is how Google's defenses scale up in defense of these attacks. Google can scale. And malicious hackers can scale. It's an interesting race to say the least.