China conducting SEO Scams by hijacking IIS Servers
A recent cybersecurity discovery has unveiled an alarming trend: Chinese state-backed hackers or cybercriminal groups speaking Mandarin have been orchestrating sophisticated Search Engine Optimization (SEO) scams. These cyber actors have been hijacking Internet Information Services (IIS) servers to manipulate online traffic. The research, conducted by Cisco Talos, has uncovered the operation of a group identified as UAT-8099, which has been exploiting the servers to redirect internet users to malicious websites, often involving fraudulent ads or gambling platforms.
According to Cisco Talos, the majority of the impacted servers were located in countries like India, Thailand, Vietnam, Canada, and Brazil. These compromised servers were predominantly targeted to manipulate web traffic generated by mobile devices, particularly Android and iPhone devices. More concerning is that these compromised devices mostly belonged to users in educational institutions, tech companies, and telecommunication businesses. The attackers have found a way to leverage this traffic, causing damage both to unsuspecting users and businesses.
What makes this operation particularly troubling is the complexity of the attack: the hackers were able to leverage the legitimacy of IIS servers, which are widely used for web hosting, to deceive search engines and manipulate their rankings. By doing so, they could funnel traffic toward malicious sites that could potentially steal user data or serve harmful ads. This marks a worrying escalation in the use of legitimate internet infrastructure to perpetrate cybercrime.
Veeam Software Set to Acquire Securiti for $1.8 Billion
In a major move within the data protection and cybersecurity industry, Veeam Software, a well-known provider of data backup and recovery solutions, is set to acquire Securiti, a company that specializes in data security and privacy solutions, for a staggering $1.8 billion. While the details of the deal are still under wraps, with discussions remaining private, Veeam has confirmed that it will release more information once the talks are finalized.
The acquisition aligns with Veeam’s broader strategy to enhance its portfolio in the face of increasingly stringent data privacy laws and the growing demand for comprehensive data security solutions. As countries around the world continue to introduce more rigorous privacy regulations, companies are under increasing pressure to ensure they not only back up data but also protect it from breaches, unauthorized access, and misuse.
Securiti, known for its AI-powered privacy and compliance solutions, will add significant value to Veeam’s offerings, especially in helping organizations meet the complex challenges posed by evolving privacy frameworks. For Veeam, which already holds a strong position in the data backup sector, this acquisition positions the company to become a more holistic player in the broader data management and cybersecurity ecosystem. This deal also signals a shift in the industry, where data privacy is becoming as important as data availability and recovery.
Join our LinkedIn group Information Security Community!
