Updated on 2022-11-11: Ois[.]is redirection campaign
GoDaddy’s Sucuri team said it identified a massive spam operation where a threat actor has compromised more than 15,000 websites and planted malicious code to redirect users (via the ois[.]is domain) to spammy Q&A sites. Sucuri researchers believe this campaign is the work of a black-hat SEO spam group meant to boost the ranking of the spammy Q&A domains in search results. Read more: Massive ois[.]is Black Hat Redirect Malware Campaign
Overview
A massive black hat SEO campaign compromised almost 15,000 WordPress websites to redirect victims to false Q&A discussion forums – discovered Sucuri. Read more: Massive ois[.]is Black Hat Redirect Malware Campaign