Hackers Discover Method to Take Over and Hide Hacked Websites Through Google Webmaster Tools
Hackers are forever finding new creative ways to cheat the "system" in more ways than one. In the latest discoveries of what hackers are up to for disrupting normal life on the internet, Sucuri has found hackers utilizing Google Webmaster Tools to hide websites that were hacked.
Hackers have devised a new method that they break into a website and take over its Google Search Console account, which used to be called Webmaster Tools, to hid and prolong malware infections.
The security firm Sucuri first made this discovery and had alerted many to this serious issue. According to Sucuri's staff, the issue lies with how the Google Search Console service was initially designed to work. The console essentially allows multiple people to register as website owners where some sites could have several folks who have taken claim to owning a particular site. In that, hackers are able to register as owners of a site and then confirm that ownership through the console. As you may guess, hacked sites may be exploited in this manor where a simple HTML page may be used to verify ownership of the site so the Google Search Console can find that HTML page and verify a new "owner" of the site.
Once verified on a hacked site, hackers may then submit whatever page or posts they want to Google from what is alleged as a verified source. This means that a malicious article or spammy post may be pulled in a Google search that will redirect Google users to a hacked website.
In most cases, the Google Search Console will automatically alert owners of sites of new registered users or owners of a site. However, if a domain remains unclaimed or the owners ignore the notifications, attackers could go undetected and avoid any apparent road blocks in putting a stop to their malicious activities on what may have been a reputable site. Another thing to not about the alert messages, webmasters probably deal with hundreds of emails each day and may overlook such an alert from Google.
Probably the most alarming part of this "issue" within Google Search Console is that many websites and their setup through the console are at risk of an intrusion taking place. Removal of the HTML verification files may take place, which is something that can be easily prevented.
Preventing intrusions on your website via the Google Search Console does not take much. Alternative verification methods may be taken, such as using the domain name provider, Google Analytics tracking code, or Google Tag Manager Container snippet. Use of these alternative authentication actions will prevent outsiders from removing you as the website owner. The only way they could do such a thing, is to compromise your Google account or domain registration, which is a whole other case by itself.
In any given case, webmasters should regularly check their settings within Google Search Console and utilize all available security methods that are feasible. It may take some work, but in the long run, you would be preventing a disaster by allowing hackers to infiltrate your site and potentially harm your business.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.