Malware Signatures

  1. Home
  2. Malware Signatures
  3. asp.spam-seo.redirect.001

asp.spam-seo.redirect.001

Blackhat SEO, or spam-seo, is a malicious technique used to manipulate the search engine results in order to benefit a website in terms of relevance. The payload is ASP based, thus intended for server-side use and the payload is executed directly on the server, while the site is rendered. Only the payload result (spam content, redirect) is visible in the browser, not the malicious code itself.
Spam-seo can also be found inside the site's database being injected by ASP malware or other vulnerabilities, like SQL injections or vulnerable CMS.
A redirect is a common spam seo technic. Its purpose is to, as the name stands for, redirect the site's visitors to other malicious or spammy sites, in order to increase the number of visits and SEO rank. Very often, they are conditional and the redirect is done only under some circumstances (such as browser type, country, user agent, etc..).

Affecting

Any ASP based website, often through vulnerable code or compromised FTP credentials.

Cleanup

In case of redirects, look for misusage of Response.Redirect and Server.Transfer functions in your site's files.