Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spam Sites Infesting Google Search Results

Posted by CmdrTaco on from the hate-when-that-happens dept.

The Google Watchdog blog is reporting that "Spam and virus sites infesting the Google SERPs in several categories" and speculates, ...Google's own index has been hacked. The circumvention of a guideline normally picked up by the Googlebot quickly is worrisome. The fact that none of the sites have real content and don't appear to even be hosted anywhere is even more scary. How did millions of sites get indexed if they don't exist?

25 of 207 comments (clear)

  1. It's the Rand Corporation by OptimusPaul · · Score: 3, Funny

    in conjunction with the saucer people under the supervision of the reverse vampires are forcing our parents to go to bed early in a fiendish plot to eliminate the meal of dinner. We're through the looking glass, here, people...

  2. Google index hacked? by InvisblePinkUnicorn · · Score: 5, Funny

    Hacking of Google databases might explain why Google Translator used to translate the Russian name for "Ivan the Terrible" as "Abraham Lincoln".

  3. SEOs by Chilled_Fuser · · Score: 5, Informative


      Using one page of information for Google's spider and then using a redirect for a non-spider user. It's an SEO tactic.

    1. Re:SEOs by glindsey · · Score: 4, Interesting

      Which raises the question: Why not have GoogleBot do a check also as a normal user-agent (IE/Firefox/etc.) and see if the page is significantly different than when it identifies itself? At the very least GoogleBot could check if there are common blacklist words ("viagra" et al) on the website when identifying itself as IE or Firefox.

    2. Re:SEOs by dschuetz · · Score: 3, Interesting

      I was pretty sure that Google already did some kind of checking for this sort of dodge. It could be that the sites in question have found some way to dodge the dodge -- maybe they figured out when a google revisit (with a different user agent) would occur, or maybe they recognize google IP addresses and always give the scammed page regardless of user agent, or some other similar trick.

      That's what makes this scary -- as I said, I thought google was already on the lookout for such scams, and if they're being beat on such a large scale it might mean a major shift in google's strategy is in order...

    3. Re:SEOs by jmagar.com · · Score: 4, Interesting

      Google does this already, perhaps not with spiders, or in the way you described. But they do seek out and destroy sites that are caught faking keyword densities and other SEO tactics on crawl pages vs human pages.

      --
      www.jmagar.com
      -
    4. Re:SEOs by Tim+C · · Score: 5, Insightful

      At the very least GoogleBot could check if there are common blacklist words ("viagra" et al) on the website when identifying itself as IE or Firefox.

      So medical supply or information websites shouldn't be indexed by Google?

      I know what you're trying to do, but no word is 100% inappropriate. What if someone is actually looking for information on Viagra, or replica Swiss watches, or cheap stocks? What if someone is looking for information on spam?

      Check for significant differences in content with different user-agents yes, but banned words? That really doesn't seem like a good idea to me.

      --
      It's official. Most of you are morons.
    5. Re:SEOs by suv4x4 · · Score: 4, Insightful

      Which raises the question: Why not have GoogleBot do a check also as a normal user-agent (IE/Firefox/etc.) and see if the page is significantly different than when it identifies itself? At the very least GoogleBot could check if there are common blacklist words ("viagra" et al) on the website when identifying itself as IE or Firefox.

      It does. It also detects landing pages mentioned above. Apparently it's something more subtle than what one could think of in few mins on Slashdot, and we'll learn soon enough.

    6. Re:SEOs by Billosaur · · Score: 4, Informative

      It's more than likely related to IP address than user agent. I used to work in web site metrics, and the number of fouled up user agents and spoofs was always staggering, but IP was a pretty good indicator of who was doing something. No doubt the bad guys have tracked the Google bot's IP over a long period of time and perhaps made some correlations to give them a pretty good idea if the site is being revisited by Google under an assumed user agent. I'm not sure, but it would seem to me that Google would have thought of spoofing it's IPs long ago, to avoid people being able to track them, though I can't say how you'd go about that.

      --
      GetOuttaMySpace - The Anti-Social Network
    7. Re:SEOs by colourmyeyes · · Score: 5, Funny

      Apparently it's something more subtle than what one could think of in few mins on Slashdot
      Blasphemy! In my relatively short time lurking on Slashdot, I've seen nearly all the world's problems, including hideously complicated questions of physics, SOLVED in posts no more than a few paragraphs long.

      It's amazing, really.
      --
      My grandmother used anecdotal evidence all the time, and she lived to be 120 years old.
    8. Re:SEOs by glindsey · · Score: 3, Insightful

      What if someone is actually looking for information on Viagra, or replica Swiss watches, or cheap stocks? What if someone is looking for information on spam? That's a good point. But perhaps combinations of keywords would work -- it's pretty unlikely that you'd see "viagra" and "mortgage" on the same site, for example. If you partner this with checking for significant user-agent differences it could become a pretty good tool, I think.
  4. Google hacked, sites don't exist, um ... by icepick72 · · Score: 3, Insightful
    Submitter says Google's index has been hacked which could imply the severe case: direct security threat and entry to it, or more likely: managing to get it to index something Google would not want it to index.

    Submitter asks: How did millions of sites get indexed if they don't exist?

    Okay, I call this an idiot story. Millions of sites come into being and go out of being all the time. What does this statement have to do with anything? It seems like submitter has a lack of understanding how basic Google and the web work, but the story has made it to Slashdot. I think the Slashdot IQ level is dropping because this is a Digg story.

    1. Re:Google hacked, sites don't exist, um ... by Clandestine_Blaze · · Score: 3, Informative

      Millions of sites come into being and go out of being all the time. What does this statement have to do with anything? It seems like submitter has a lack of understanding how basic Google and the web work, but the story has made it to Slashdot. If you had bothered reading the article, you would have seen:

      • The .cn sites don't appear to be hosted ANYWHERE. They are simply redirected domain names. How they got ranked in Google in such a short period of time for fairly competitive keywords is a mystery. Google's index even shows legitimate content for the .cn sites.
      • It appears that the faked sites are redirecting the Googlebot to a location where content can be indexed, while at the same time recognizing normal users and redirecting them to a site that includes the malware mentioned earlier. This is an obvious violation of Google's guidelines, but the spammers have found ways to circumvent the rule and hide it from the Googlebot.
      Yes, millions of sites do come into being all the time. Had Google indexed a site, and had said-site disappeared before the index was updated, you would simply either hit a landing page (if that domain was purchased but not set-up) or you would get an error message

      The submitter was referring to instances when a fake redirector is being set-up and tricking the googlebot by sending it to websites with content and keywords while sending normal users to malware-infested sites. This is a completely different situation than "Millions of sites come into being and go out of being all the time." In this case, those sites are still there and are appearing pretty high up in the index, while redirecting unsuspecting users to other websites. They exist in the physical sense, but that's about it.

      I think the Slashdot IQ level is dropping because this is a Digg story. Or because the readers simply don't bother to read the articles they comment on any more.
      --
      Best "String" Ever!
  5. I call Bullshit!!! by Jennifer+York · · Score: 4, Insightful
    Any evidence to back that up? I seriously doubt that a single individual has the ability to make a change on production boxes without a committee of senior managers approving the change.

    Google will adjust, find the method of manipulating the page ranks, and close the hole.

    --
    Dominant Meme
    1. Re:I call Bullshit!!! by Billosaur · · Score: 5, Insightful

      It may not be a question of a single developer making changes, as much as a single developer (or group of them -- safety in numbers) divulging to certain third parties how the algorithms work in the page ranking system. It's very rare any company gives anyone production access to make changes, but then again I've seen that happen too, where something breaks, they give a developer access to patch it in a hurry before the hew and outcry set in, then forget to revoke his/her access. Of course Google is global, so any change would have to propagate through the system vis source control, so tracking it wouldn't be that hard. I doubt any developer, no matter how nefarious, would take the risk.

      --
      GetOuttaMySpace - The Anti-Social Network
  6. I Bet It's a Simpler Explanation by eldavojohn · · Score: 5, Interesting

    Google is susceptible to an erosion of moral tenacity, just like any other corporation. This would be far more interesting but the sad fact is that it's probably the simplest explanation: spammers are merely more sophisticated. I mean, a while ago a few people teamed up to Google bomb Bush as a "miserable failure" and it worked. They exploited Google's page ranking system. It's pretty easy to exploit because they patented it so you merely need to read the patent. From there you get an idea of how to exploit it.

    I imagine that spammers could band together or simply get botnets 'clicking' as independent IP addresses links that boost their page rank. That's how it worked with Bush, they simply linked his homepage as "miserable failure" and suddenly he was the number one result from that query in Google.

    I find this more likely an explanation than someone changing the data or values in the database. There's going to be plenty of evidence left in the logs & it's not like nobody's going to notice. This is Google's bread & butter, no amount of money in the world could entice a worker to mess with it. They would have to be exceptionally stupid as the lawsuits that follow would be in the billions.
    --
    My work here is dung.
    1. Re:I Bet It's a Simpler Explanation by nahdude812 · · Score: 3, Interesting

      Or Google Analytics.

      --
      Slay a dragon... over lunch!
  7. specific phrases? by rubberglove · · Score: 5, Interesting

    The story would be more interesting if it included an example hijacked search phrase.
    I'd like to check it out myself.

  8. Re:Not hosted anywhere? by IBBoard · · Score: 4, Interesting

    Yeah, I think "not hosted anywhere" is somewhat of a simplification for "actually hosted somewhere but never show any content to a normal user because they redirect you to another domain instead". While it might fly for a complete non-techy, I wouldn't have thought /. would have too many people believing in responses from machines that don't exist.

  9. Wait and see. by eniac42 · · Score: 5, Insightful

    People, its just a blog. If someone has really hacked Google, we will hear soon enough. Otherwise scamming and spoofing the ratings with rubbish sites is a sport thats been going on a long, long time..

    --
    "A nation that forgets its past is doomed to repeat it." - Churchill
    1. Re:Wait and see. by tbannist · · Score: 4, Insightful

      Actually, it's worse than that. It's a blog that can't provide any actual evidence that anything they claim is true. As far as we know, the entire story is bogus because the blogger has provided nothing to prove that any of his claims are true.

      --
      Fanatically anti-fanatical
  10. Re:Not hosted anywhere? by TheRaven64 · · Score: 4, Funny

    Those of us on Internet 3.0, Quantum Edition, have this problem all the time. Quoogle indexes sites without collapsing their wave functions. When you click on a link, the waveform collapses and the server may or may not exist. Web spiders are therefore being replaced by cats.

    --
    I am TheRaven on Soylent News
  11. Google is working on this ... by miller60 · · Score: 3, Informative

    Back in May Google launched on online security blog as part of a broader effort to detect malware sites, presumably to exclude them from the SERP results. They're clearly behind the curve. But this post offers an overview of Google's efforts and ambitions in this area.

    --
    RichM
    Data Center Knowledge
  12. Where do all the calculators go when they die? by Scrameustache · · Score: 3, Funny

    I wouldn't have thought /. would have too many people believing in responses from machines that don't exist. Were getting phantom pings from the ghosts of the still-smoldering servers we slashdotted in our folly!
    I'm scared...
    --

    You can't take the sky from me...

  13. What hijacked phrases? Not seeing this. by Animats · · Score: 4, Informative

    I'm not seeing any of this. I'm trying commonly spammed phrases in Google, and seeing nothing unusual.

    • "digital camera" - OK
    • "ink cartridge" - OK
    • "flat screen TV" - PCworld at the top
    • "auto parts" - OK
    • "london hotels" - usual results
    • "britney spears" - usual results
    • "viagra" - Pfizer, Wikipedia, etc.
    • "rebelde" (the Mexican telenovela, one of the top ten searches) - normal
    Not one .cn site in the top 10 for any of these.