Bot Herders Use SEO for Massive Search Spam

(Page 1 of 4 )

Less-than-scrupulous SEOs have engaged in black hat practices for years, but to date we’ve seen nothing to match the massive scale of what hit Google and the other search engines in the last week of November. Security experts insist that this is just the beginning. Keep reading for the details of what happened.

It's been referred to as "Google poisoning" or "SEO poisoning," and it's no wonder. A potential victim, who might not have all of the patches their system really needs, performs an innocent search on Google - on the phrase "Christmas gifts" in hope of ideas, perhaps, or even "hospice" to get information for a critically ill friend or loved one. Clicking on a link leads to a site which prompts them to install the latest ActiveX control, or possibly to get a free scan for spyware. And that's where the trouble begins.

If the user clicks on the link for the download, the web site begins loading up their vulnerable machine with malware: Trojans, viruses, rootkits, intrusive adware, you name it. At least one of these sites hosted as many as 25 separate pieces of malware ready to be downloaded. And that was just one site; there were many malicious sites participating.

This kind of thing has happened many times before. What made it particularly disconcerting this time, however, was that the malware sites had managed to reach the first page of the search engine results pages (SERPs) for multiple keywords, most of them totally innocent. Online security firm Sunbelt Software, which has been tracking the problem, supplied a PDF in one of their blog posts with a list. The number of terms per page is staggering - and the list is 12 pages long.

Even I was attacked by this lovely nastiness recently. I could tell it what it was because I'd just finished writing this article, and recognized the names of the things that were trying to load themselves onto my system. Fortunately, my up-to-date anti-virus software blocked the malware. I triggered the attempted intrusion by searching for cucumber salad recipes in Google and clicking on a few of the top links!

Google managed to beat back the attack; Sunbelt reported the issue on a Monday, and most of the malicious sites were removed from Google's index by late Wednesday (November 28). But Google will almost certainly find itself fighting off another massive attack on its SERPs, and sooner rather than later. To understand why, we need to take a closer look at how this happened.

Next: Anatomy of an Automated Ambush >>
 

More Search Engine News Articles
More By Terri Wells

Comments On: Bot Herders Use SEO for Massive Search Spam

· I hope you found my article informative; thanks for reading. This is probably one of...    · It is very sad this is giving a bad reputation to people that work in SEO field....    · Why don't Google just add the condition that a 'day or two' old domain can never...    · Google may have to resort to something like that, is my guess, assuming it's...    · It may be a question of resources; even Google's resources aren't infinite. I'm...    · Last week I checked my incoming links that Google did find at the "webmasters-help...    · Wow, thanks for mentioning that! I guess it just goes to show that you should check...   >>> Post your comment now!