YoVDO

Search Engine Deoptimization with Gootloader

Offered By: BSidesLV via YouTube

Tags

Security BSides Courses Cybersecurity Courses Javascript Courses Search Engine Optimization Courses WordPress Security Courses

Course Description

Overview

Explore the intricacies of search engine deoptimization techniques employed by Gootloader in this 54-minute conference talk from BSidesLV 2021. Delve into the obstacles researchers face, the preparation involving compromised Wordpress sites, and the malicious SEO tactics behind the scenes. Examine the search landing page swap, payload filename matching, target machine profiling, and the second stage Javascript installer. Investigate process hollowing, server infrastructure, and the implications for web users. Conclude by understanding why Gootloader's activities are ultimately Google's responsibility to address.

Syllabus

Intro
Obstacles to the researcher
Preparation: Wordpress compromised
Search engine de-optimization
Behind the scenes: Malicious SEO
Search landing page-the swap
Payload filename matches search terms
Profile the target machine
Second stage Javascript installer
Process hollowing
Server Infrastructure
What's a web user supposed to do?
Gootloader really is Google's problem


Taught by

BSidesLV

Related Courses

Learn Complete Wordpress Security
Udemy Web Guard Dog WordPress Security
Udemy Wordpress Advanced - Complete Security and Plugin Mastery
Udemy Wordpress Security Master Class Protect Your Business Today
Udemy WordPress: Ask the Instructor
LinkedIn Learning