Forensic Investigation of SEO Manipulation in Moodle LMS: Uncovering Illegal Content in Educational Platforms

Authors

  • Tri Rochmadi Information System, Universitas Alma Ata, Indonesia
  • Vandha Pradwiyasma Widartha Department of Information System, Pulyong National University, South Korea
  • Tito Apolinario Sarmento Informatics Engineering, Institute of Business, Timor-Leste
  • Avrillaila Akbar Harahap Information System, Universitas Alma Ata, Indonesia
  • Ibnu Ajis Information System, Universitas Alma Ata, Indonesia

DOI:

https://doi.org/10.24002/ijis.v8i1.12222

Abstract

Learning Management Systems (LMS) like Moodle are frequently targeted by covert cyberattacks that exploit the credibility of academic domains for illicit purposes. This study uncovers an SEO-based attack method that infiltrates hidden links to gambling sites through Moodle's public directory. Digital forensic methodology was used to trace the perpetrators' footprints from server logs, HTML/JS files, and activity in Google Search Console. The results revealed a comprehensive exploit: fake admin accounts, redirect file injection, and Google indexing manipulation. This research not only highlights an under-researched threat but also offers a mitigation framework based on the ISO/IEC 27001 standard. Key contributions include identifying SEO-based attack techniques in LMSs, analyzing digital artifacts for perpetrator attribution, and strengthening cybersecurity governance in educational institutions.

References

[1] S. A. Nugroho and T. Rochmadi, “Analisis Keamanan Sistem Informasi Pusaka Magelang Menggunakan Open Web Application Security Project (OWASP) dan Information Systems Security Assessment Framework (ISSAF),” CyberSecurity dan Forensik Digital, vol. 7, no. 1, pp. 56–61, Aug. 2024, doi: 10.14421/csecurity.2024.7.1.4555.

[2] G. Slavko and S. Serhiienko, “Optimization of LMS Moodle configuration and Education Technologies on the Example of Electrical Engineering Education,” in 2021 IEEE International Conference on Modern Electrical and Energy Systems (MEES), 2021, pp. 1–5. doi: 10.1109/MEES52427.2021.9598719.

[3] S. Nugroho and T. Rochmadi, “Analysis of Information Security Readiness Using the Index KAMI,” DECODE: Jurnal Pendidikan Teknologi Informasi, vol. 4, no. 3, pp. 881–886, Nov. 2024, doi: 10.51454/decode.v4i3.602.

[4] A. G. P. Sidhawara, “An Evaluation of UAJY Learning Management System’s Usability using USE Questionnaire and Eye-tracking,” Indonesian Journal of Information Systems (IJIS, vol. 4, no. 2, pp. 174–188, Feb. 2022, doi: 10.24002/ijis.v4i2.5273.

[5] X. Tan, J. She, S. Chen, S. Ohno, and H. Kameda, “Analysis of Student Learning Behavior Based on Moodle Log Data,” in 2021 14th International Conference on Human System Interaction (HSI), Gdańsk: IEEE, Sep. 2021, pp. 1–4. doi: 10.1109/HSI52170.2021.9538680.

[6] Đ. Milošević, K. Kuk, B. Popović, and P. Čisar, “Endangered data in Moodle platform with malicious plugins,” in 2022 21st International Symposium INFOTEH-JAHORINA (INFOTEH), East Sarajevo: IEEE, Apr. 2022, pp. 1–5. doi: 10.1109/INFOTEH53737.2022.9751251.

[7] H. S. Lallie, A. Thompson, E. Titis, and P. Stephens, “Analysing Cyber Attacks and Cyber Security Vulnerabilities in the University Sector,” Computers, vol. 14, no. 2, 2025, doi: 10.3390/computers14020049.

[8] A. Georgiadou, S. Mouzakitis, and D. Askounis, “Working from Home During Covid-19 Crisis: a Cyber Security Culture Assessment Survey,” Security Journal, vol. 35, no. 2, pp. 486–505, Feb. 2022, doi: 10.1057/s41284-021-00286-2.

[9] Id-SIRTII/CC – BSSN, “Lanskap Keamanan Siber Indonesia,” 2024. Accessed: Oct. 01, 2024. [Online]. Available: https://www.bssn.go.id/wp-content/uploads/2024/03/Lanskap-Keamanan-Siber-Indonesia-2023.pdf

[10] S. B. Trivedi, Chapter–19 Information Technology in Accounting Dr. Sunil B. Trivedi. Crown Publishing, 2025.

[11] S. A.-L. Akacha and A. I. Awad, “Enhancing Security and Sustainability of e-Learning Software Systems: A Comprehensive Vulnerability Analysis and Recommendations for Stakeholders,” Sustainability, vol. 15, no. 19, 2023, doi: 10.3390/su151914132.

[12] M. Dandotiya, P. Rahi, A. Khunteta, A. Anushya, and S. S. Ahmad, “SAFE: A Secure Authenticated & Integrated Framework for E-learning,” in Proceedings of the 4th International Conference on Information Management & Machine Intelligence, in ICIMMI ’22. New York, NY, USA: Association for Computing Machinery, 2023. doi: 10.1145/3590837.3590926.

[13] T. Rochmadi, A. Fadlil, and I. Riadi, “Tinjauan Pustaka Sistematis: Tantangan dan Faktor-Faktor Pengembangan Kesiapan Forensik Digital,” CyberSecurity dan Forensik Digital, vol. 7, no. 2, pp. 81–89, Dec. 2024, doi: 10.14421/csecurity.2024.7.2.4861.

[14] T. M. Tran, R. Beuran, and S. Hasegawa, “Gamification-Based Cybersecurity Awareness Course for Self-Regulated Learning,” International Journal of Information and Education Technology, vol. 13, no. 4, pp. 724–730, 2023, doi: 10.18178/ijiet.2023.13.4.1859.

[15] M. Shimamura, S. Matsugaya, K. Sakai, K. Takeshige, and M. Hashimoto, “An Analysis of the Relationship Between Black-Hat SEO Malware Families Leveraging Information from Redirected Fake E-Commerce Scam Sites,” in 2024 IEEE Conference on Dependable and Secure Computing (DSC), Tokyo: IEEE, Nov. 2024, pp. 123–130. doi: 10.1109/DSC63325.2024.00025.

[16] K. Sellamuthu, S. Ranjithkumar, K. Kavitha, and S. Gowtham, “On Page SEO Techniques for Better Ranking in Search Engines,” in 2022 8th International Conference on Smart Structures and Systems (ICSSS), Chennai: IEEE, Jun. 2022, pp. 1–6. doi: 10.1109/ICSSS54381.2022.9782182.

[17] F. Tazi, S. Shrestha, and S. Das, “Cybersecurity, Safety, & Privacy Concerns of Student Support Structure for Information and Communication Technologies in Online Education,” Proc. ACM Hum.-Comput. Interact., vol. 7, no. CSCW2, Oct. 2023, doi: 10.1145/3610055.

[18] T. Rochmadi and I. Y. Pasa, “Pengukuran Risiko dan Evaluasi Keamanan Informasi Menggunakan Indeks Keamanan Informasi di BKD XYZ Berdasarkan ISO 27001 / SNI,” CyberSecurity dan Forensik Digital, vol. 4, no. 1, pp. 38–43, May 2021, doi: 10.14421/csecurity.2021.4.1.2439.

[19] K. Arlitsch, J. Wheeler, M. T. N. Pham, and N. N. Parulian, “An Analysis of Use and Performance Data Aggregated from 35 Institutional Repositories,” Online Information Review, vol. 45, no. 2, pp. 316–335, Mar. 2021, doi: 10.1108/OIR-08-2020-0328.

[20] A. Azahari and D. Balzarotti, “On the Inadequacy of Open-Source Application Logs for Digital Forensics,” Forensic Science International: Digital Investigation, vol. 49, p. 301750, Jun. 2024, doi: 10.1016/j.fsidi.2024.301750.

Downloads

Published

2025-08-23

How to Cite

Rochmadi, T., Widartha, V. P., Sarmento, T. A., Harahap, A. A., & Ajis, I. (2025). Forensic Investigation of SEO Manipulation in Moodle LMS: Uncovering Illegal Content in Educational Platforms. Indonesian Journal of Information Systems, 8(1), 1–9. https://doi.org/10.24002/ijis.v8i1.12222

Issue

Section

Articles