Spam Sites Infesting Google Search Results

The Google Watchdog blog is reporting that "Spam and virus sites infesting the Google SERPs in several categories" and speculates, ...Google's own index has been hacked. The circumvention of a guideline normally picked up by the Googlebot quickly is worrisome. The fact that none of the sites have real content and don't appear to even be hosted anywhere is even more scary. How did millions of sites get indexed if they don't exist?

SEOs

[Chilled_Fuser]

  Using one page of information for Google's spider and then using a redirect for a non-spider user. It's an SEO tactic.

Not hosted anywhere?

[Vicegrip]

The article makes the claim that the "hijacked keywords" are going to redirection websites that do not "appear to be hosted anywhere".

That seems a little incredible to me. :)

Invisible, IPless, Chinese web-servers are taking over Google! Personally, I'll just let Google worry about trying to protect its search engines. :)

Re:SEOs

[Billosaur]

It's more than likely related to IP address than user agent. I used to work in web site metrics, and the number of fouled up user agents and spoofs was always staggering, but IP was a pretty good indicator of who was doing something. No doubt the bad guys have tracked the Google bot's IP over a long period of time and perhaps made some correlations to give them a pretty good idea if the site is being revisited by Google under an assumed user agent. I'm not sure, but it would seem to me that Google would have thought of spoofing it's IPs long ago, to avoid people being able to track them, though I can't say how you'd go about that.

Google is working on this ...

[miller60]

Back in May Google launched on online security blog [blogspot.com] as part of a broader effort to detect malware sites, presumably to exclude them from the SERP results. They're clearly behind the curve. But this post [blogspot.com] offers an overview of Google's efforts and ambitions in this area.

Re:I Bet It's a Simpler Explanation

[suv4x4]

I imagine that spammers could band together or simply get botnets 'clicking' as independent IP addresses links that boost their page rank. That's how it worked with Bush, they simply linked his homepage as "miserable failure" and suddenly he was the number one result from that query in Google.

I like your post, but Google can't detect if you "click" a link. It doesn't need botnets to click links from different IP addresses.

It just needs the mere *presence* of those links, with the same text, to the same page. Also the hosting servers of those sites should have different IP-s.

The miserable failure bomb was simply a bunch of bloggers posting a link on their blogs. When GoogleBot came around and found the links, the attack was accomplished.

Re:Google hacked, sites don't exist, um ...

[Clandestine_Blaze]

Millions of sites come into being and go out of being all the time. What does this statement have to do with anything? It seems like submitter has a lack of understanding how basic Google and the web work, but the story has made it to Slashdot.

If you had bothered reading the article, you would have seen:

• The .cn sites don't appear to be hosted ANYWHERE. They are simply redirected domain names. How they got ranked in Google in such a short period of time for fairly competitive keywords is a mystery. Google's index even shows legitimate content for the .cn sites.
• It appears that the faked sites are redirecting the Googlebot to a location where content can be indexed, while at the same time recognizing normal users and redirecting them to a site that includes the malware mentioned earlier. This is an obvious violation of Google's guidelines, but the spammers have found ways to circumvent the rule and hide it from the Googlebot.

Yes, millions of sites do come into being all the time. Had Google indexed a site, and had said-site disappeared before the index was updated, you would simply either hit a landing page (if that domain was purchased but not set-up) or you would get an error message [carrotsticksareyummy.com]

The submitter was referring to instances when a fake redirector is being set-up and tricking the googlebot by sending it to websites with content and keywords while sending normal users to malware-infested sites. This is a completely different situation than "Millions of sites come into being and go out of being all the time." In this case, those sites are still there and are appearing pretty high up in the index, while redirecting unsuspecting users to other websites. They exist in the physical sense, but that's about it.

I think the Slashdot IQ level is dropping because this is a Digg story.

Or because the readers simply don't bother to read the articles they comment on any more.

Re:I Bet It's a Simpler Explanation

[suv4x4]

We're not talking about the results page, but just links. In sites separate from Google.

What hijacked phrases? Not seeing this.

[Animats]

I'm not seeing any of this. I'm trying commonly spammed phrases in Google, and seeing nothing unusual.

• "digital camera" - OK
• "ink cartridge" - OK
• "flat screen TV" - PCworld at the top
• "auto parts" - OK
• "london hotels" - usual results
• "britney spears" - usual results
• "viagra" - Pfizer, Wikipedia, etc.
• "rebelde" (the Mexican telenovela, one of the top ten searches) - normal

Not one .cn site in the top 10 for any of these.

Re:specific phrases?

[wbean]

There's a sample search phrase posted in the comments to the original blog entry. It produced a lot of funny .cn results for me. Here it is:

Bayesian networks and decision graphs Finn rapidshare