Leveraging a native IIS module named BadIIS, attackers manipulated search engine crawler traffic to poison search results and redirect legitimate users to scam or adult-oriented websites. Infrastructure overlaps link this activity to ESET’s “Group 9” cluster and share functional similarities with Cisco Talos’s “DragonRank” campaign. In March 2025, Unit 42 researchers uncovered an advanced SEO […] The post Hackers Hijacking IIS Servers Using Malicious BadIIS Module to Serve Malicious Content appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/iis-servers/
