Chinese cybercrime group manipulated SEO to boost gambling websites


ESET researchers discovered a group of professional Chinese cybercriminals that manipulate search rankings to increase traffic to gambling websites.
Nicknamed GhostRedirector by cybersecurity software company ESET, the threat actor is said to have compromised at least 65 Windows servers located mainly in Brazil, Thailand and Vietnam. The researchers say the group uses two custom tools: a passive C++ backdoor that they have named Rungan, and a malicious Internet Information Services (IIS) module they have named Gamshen.
Rungan can run commands on a compromised server, while Gamshen can perform SEO fraud to manipulate search engine results. This can boost the ranking of a website's pages, which the group uses to increase traffic to gambling websites.
Although it only modifies responses to Googlebot, and so does not affect regular website visitors, use of such a tool can damage the host websites' reputation in the long term.
Researchers found a series of other custom tools used by GhostRedirector, as well as familiar names in the world of cybercrime, such as EfsPotato and BadPotato. It is believed that these are used as backups in case Rungan fails, or to attack servers with higher security privileges.
“We believe with medium confidence that a China-aligned threat actor was behind these attacks,” reads ESET’s statement.
How to protect yourself from cybercrime tools
To protect against these tools, ESET recommends that organizations use dedicated accounts, strong passwords and multifactor authentication wherever possible. These steps are particularly important for IIS server administrators.
This is because GhostRedirector and other cybercriminals can only deploy custom IIS tools on servers that are already compromised. Preventing them from gaining access in the first place protects against custom malware like Rungan and, by extension, Gamshen.
ESET also advises that administrators ensure native IIS modules can only be installed from trusted sources and are signed by a trusted provider, ideally requiring two parts for a successful installation.
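
One way to check the module-signing recommendation on an IIS server you administer, as an added example that is not from ESET or the original article: the PowerShell below lists every native module registered at server level and reports whether its DLL carries a valid Authenticode signature from an allowed publisher. The `$TrustedPublishers` allow-list and the report column names are assumptions to adapt to your environment.

```powershell
# Added example: audit native IIS modules for missing or untrusted signatures.
# Run in an elevated session on the IIS server; needs the WebAdministration module.
Import-Module WebAdministration

# Assumption: publishers accepted for native modules in this environment.
$TrustedPublishers = @('Microsoft Windows', 'Microsoft Corporation')

$report = foreach ($module in Get-WebGlobalModule) {
    # Image paths are stored with environment variables (e.g. %windir%\System32\inetsrv\...).
    $path = [Environment]::ExpandEnvironmentVariables($module.Image)

    if (-not (Test-Path -LiteralPath $path)) {
        # A registered module whose DLL is gone is itself worth investigating.
        [pscustomobject]@{ Name = $module.Name; Path = $path; Status = 'FileMissing'
                           Publisher = $null; SHA256 = $null; Trusted = $false }
        continue
    }

    # Covers embedded and catalog signatures on current Windows versions.
    $sig = Get-AuthenticodeSignature -LiteralPath $path

    # Pull the common name out of the signer certificate subject, if there is one.
    $publisher = $null
    if ($sig.SignerCertificate -and $sig.SignerCertificate.Subject -match 'CN="?([^",]+)') {
        $publisher = $Matches[1].Trim()
    }

    [pscustomobject]@{
        Name      = $module.Name
        Path      = $path
        Status    = $sig.Status                      # Valid, NotSigned, HashMismatch, ...
        Publisher = $publisher
        SHA256    = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
        Trusted   = ($sig.Status -eq 'Valid') -and ($TrustedPublishers -contains $publisher)
    }
}

# Show the modules that need review first.
$report | Sort-Object Trusted, Name | Format-Table Name, Status, Publisher, Trusted, Path -AutoSize

$untrusted = @($report | Where-Object { -not $_.Trusted })
if ($untrusted.Count -gt 0) {
    Write-Warning "$($untrusted.Count) native IIS module(s) are unsigned, invalid or from an unlisted publisher."
}
```

Running this on a schedule and comparing the output with a known-good baseline also surfaces newly registered modules, which is the change an installed malicious IIS module would produce.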
The post Pro cybercrime group manipulates SEO to boost gambling websites appeared first on ReadWrite.