Root Compromise: A Spammer Hiding in Plain Sight

This presentation will walk through an incident where a spammer obtained root on a major departmental server and used it to inject spam material into the site's web pages, as well as describe the methods used to remain undetected for months. Surrounding the incident will be a larger discussion of search engine optimization (SEO) cloaking, spammers' motives and techniques, and steps to detect and prevent these types of compromises.