
Chinese Hackers Exploit Windows Servers in a Dangerous SEO Poisoning Campaign

Emeka Victor
Last updated: 12 September 2024 20:14

Hackers are launching a wave of attacks on Windows servers, compromising vulnerable websites and using them to steal credentials, deploy malware, and more. A newly uncovered hacking group is taking advantage of weaknesses in web application services to gain control of these servers, as revealed by a report from Cisco Talos, a cybersecurity research group. Their latest target? Websites using popular services like phpMyAdmin and WordPress.

Compromising Vulnerable Servers

The hackers, who have been under observation by Cisco Talos for some time, begin by identifying vulnerable web services. Once they find an opening, they deploy a web shell (a malicious script that grants them access to the server). With this access, they can collect system information, deploy additional malware such as PlugX and BadIIS, or run infostealers like Mimikatz and GodPotato.

One of the key tactics employed by this group is SEO poisoning. They manipulate search engine algorithms to push compromised websites higher up in the rankings, increasing traffic to these infected pages. This strategy boosts the chances of unsuspecting users visiting the sites, thereby increasing the number of victims.

DragonRank Targets Various Sectors

The group’s activities, dubbed “DragonRank” by researchers, have predominantly targeted organizations in Asia, although some victims have been identified in Europe. The countries affected so far include Thailand, India, Korea, Belgium, the Netherlands, and China. Victims span a wide array of industries, from jewelry and media to healthcare, manufacturing, and even niche sectors like feng shui.

According to the report from Cisco Talos, DragonRank doesn’t seem to discriminate in its targeting. The goal appears to be the compromise of as many organizations as possible, regardless of industry. So far, more than 35 IIS (Internet Information Services) servers have been compromised, and these servers were found to be infected with BadIIS malware, a dangerous backdoor that has been active since 2020. This malware is particularly hard to detect, thanks to its advanced stealth techniques.

The DragonRank Group

Researchers suspect that the group behind DragonRank is of Chinese origin, given their use of commercial websites, a business model, and instant messaging accounts. With such an infrastructure in place, the group appears to be well-organized and intent on causing widespread damage.

TechRadar first reported this growing threat, warning organizations to be vigilant in protecting their web servers. The malware deployed in these attacks is highly advanced, with BadIIS specifically designed to bypass security measures and grant unauthorized access to compromised servers. As the DragonRank campaign continues to evolve, organizations must remain vigilant to avoid becoming the next victim of this indiscriminate cyber-attack.

© 2024 The Tech Basic INC. 700 – 2 Park Avenue New York, NY.
