On Monday, Sunbelt Software's security blog revealed that thousands of malware redirects were showing up in search engine results. Network bots designed to post relevant keywords and spam links in various online forms (think forum posts or blog comments) helped attackers claim high-ranking search engine positions for various obscure and seemingly innocuous search terms. According to Sunbelt, two of the thousands of terms were "infinity" and "hospice." Yeah, that's cool. Search for hospice information for a sick friend or family member, potentially get your system infected with nasty malware.
On Tuesday, Sunbelt revealed more information about the ill effects clicking on these fake links could have on a vulnerable system (as a reminder - ALWAYS keep your browser and Internet security tools up to date). Best case scenario - you might end up with one of those annoying toolbars and pop-up ads for fake security software. Worst case? Your computer could be used to generate false clicks for the attacker's pay-per-click programs (so they infect your system so that you can make them money), or worse still, that bot could load other malware/worms/trojans onto the unprotected system. Further investigation also revealed that these SEO-poisoning attacks were targeted at Google, although other search engines may have also been victim to the attacks.
Google has cleansed more than 40,000 of these hosting sites from their index, so for now - it looks like the biggest source of this sort of attack has been taken offline.
OK - you might be thinking, spam search results show up every day - why is this a big deal? It's a big deal because the techniques used for these attacks were more clever and thought out than the typical SEO-poisoning. It's also a big deal just based on the sheer scale of sites and domains dedicated to hosting these links and because of the malware involved.
It's great that Google stepped up and cleansed the index so quickly after being made aware of the problem, but this should be a big (or continuing) wake-up call to users who don't stay up to date with security updates or don't have some sort of Internet security solution. And while Windows users are obviously the users who are most directly affected by these types of attacks, having these kinds of search results show up as relevant, even if the link can't harm your system, is bad for the Internet community as a whole.
There's lots of talk within the tech community, especially the blogosphere about using SEO and how it's GOOD for bloggers and doesn't negatively affect readers/searchers/regular users. This is a lie. Instead of Search Engine Optimization, SEO should really stand for Search Engine Opportunism, because that's what it really is. Look, we certainly don't object to gaining revenue from ads or page-views on a web site, that's why we are able to do what we do; we do object to gaming the system and using loopholes to insert web sites into search queries that really have nothing to do with the content. Techniques to make sure your relevant content shows up in corresponding searches is one thing -- inserting back-door code that is aimed at getting higher page ranks and more page views, regardless if the targets are actually correct, is another. To us, the type of SEO attacks revealed this week are only a few steps away from what tons of bloggers/websites do every day: purposely try to game search engines just so they can get more hits to their site, and by extension, maybe make a few extra dollars. Unless you are running a straight-up scam link-farm or very, very lucky -- the highest search engine rank in the world is not going to have lasting benefits if the content is nonexistent.
[via Slashdot]
Reader Comments (Page 1 of 2)
11-29-2007 @ 1:41PM
Conda said...
ah, I wondered what happened... Google Hacks (which was covered on here before) was acting strangely for some searches when I was using it yesterday
Reply
11-29-2007 @ 3:24PM
GoOrange said...
I was a bit alarmed when I first heard of the malware sites popping up in google searches. It's good to see google tackling the problem in a hasty manner.
The whole idea of search engine opportunism still irks me. Argh.
Cheers
Reply
11-29-2007 @ 3:28PM
Sunfell said...
It was interesting to note that all the malware sites shown had domain names out of China.
Reply
11-29-2007 @ 11:49PM
fl0rine2 said...
Good article, but there are some inaccuracies. Not all SEO's can be placed in the malware-spreading category. Also, it kinda makes it hard to rank for a keyword even if you have a completely legitimate white-hat site when wikipedia trumps every google result page without any effort. Google's algorithm favors aged domains heavily. For this reason, any little guy wanting to make a dent in the first page on google for a given keyword is at a starting disadvantage. Enter SEO. With some work, the little guy can boost his page up in the rankings and compete with the big names.
Reply
11-30-2007 @ 12:36AM
Canuck_SEO said...
Google keeps talking about smashing spammy methods - but guys just look at #1 ranking for "promotional products" - you will see a website that screams scam and it got this ranking through automated blog comments from Chinese and Russian blogs (over 90% of their links have been acquired like that). Isn't it a blatant example of Google failure? And such cases are numerous, I can assure you.
Reply
11-30-2007 @ 9:27AM
Sverre Sjøthun said...
"Search Engine Opportunism, because that's what it really is...."
Great to see you have your empiry straight. You obviously have no clue about what good SEO can do. Or that Matt Cutts, head of Webspam at Google, endorses it (good SEO).
Reply
11-30-2007 @ 3:20PM
Mark Barrera said...
SEO is not bad. Spamming is bad. Research the differences before you slam an entire industry.
Reply
11-30-2007 @ 4:11PM
Christina Warren said...
I certainly don't mean to "slam an entire industry;" as I stated in the original post: "Techniques to make sure your relevant content shows up in corresponding searches is one thing -- inserting back-door code that is aimed at getting higher page ranks and more page views, regardless if the targets are actually correct, is another."
That isn't to say that every person who employs what they call SEO is spamming or is in the same league as malware - not at all - but perhaps we need to differentiate between the two practices by creating a term that describes legitimately promoting a site through search algorithms or other forms of legitimate marketing and the blatant opportunism that many, many people/companies/networks employ to try to get more hits - regardless if the search terms are relevant to their content or not.
11-30-2007 @ 4:48PM
Doug Heil said...
Hi Christina, Yes, there are many bad apples out there. SEO does not equal spam or what we like to call "blackhat" techniques. The techniques you describe are actually illegal. Please know that many SEO's are good people who do their best to make search results very relevant. They help sites achieve good ROI. The best ones will redesign a site if they know the current site would never do much even if they are on the first page of results.
Be careful about putting the whole industry under one umbrella as there are "some" really good SEO's out there. Granted; there are "many" bad people who game and try to trick their way to the top at every opportunity, that's for sure. Spammers are NOT SEO's. I call them cheaters. Blackhat - Cheater
Reply
11-30-2007 @ 4:50PM
Josh Garner said...
Christina,
RE "but perhaps we need to differentiate between the two practices by creating a term that describes legitimately promoting a site through search algorithms or other forms of legitimate marketing and the blatant opportunism that many, many people/companies/networks employ to try to get more hits - regardless if the search terms are relevant to their content or not."
There already is. SEO vs. Spammers. The idea in SEO is not to trick the search engines in any way. We help website owners optimize their sites to provide quality content, while abiding by the guidelines of the respective engines. Your latter description would be that of a spammer.
I don't mean to sound harsh, but I feel it was extremely irresponsible to bunch SEO's in this fashion. We face misconception on a daily basis, and the perpetuation of these statements from those who really should know better just makes it harder.
Reply
11-30-2007 @ 4:57PM
perkiset said...
LOL @ Search Engine Opportunism.
It never fails to amaze me how people consider Google (et al) to be some kind of altruistic global index.
They are a business. They exist to make money.
The practice of SEO is as old as marketing itself - there are mechanisms for talking to the populace, and (the company that I am advocating as an SEO) wants to be loudest. The search engines have placed themselves in a position of being the vehicle, the businesses of the world are the content. Spammers are simply another kind of capitalist - taking advantage of the fact that Google (et al) can be played so that (their clients that they are advocating) can be loudest.
Let us never deceive ourselves that this game is in some way a battle of good against evil or right and wrong... it is capitalism at its peak. Spamming is not "bad" or "wrong" - it just sucks, that's all. And make no mistake - it is the search engine's job to not get gamed... if I put technology out there for the world to use, I must expect that it will be manhandled, folded, spindled and mutilated WAY beyond what I ever intended for it to be.
Clearly, if I step over the line into damaging (your) computer with (my) processes I've moved into the same malicious space as any business deviant, perhaps further - but here I think it is incredibly important to differentiate marketers and marketing from script kiddies and hax0rs. As a coder for over 30 years I am proud to call myself an old hacker - having gotten that nick from a time when it was a good thing. But to paint all SEO with the same brush as a script kiddie is simply inaccurate.
Unless your real point here is linkbait, in which case you've succeeded well, and demonstrated that you know plenty about SEO... ;)
Reply
11-30-2007 @ 5:19PM
Mark said...
"Search Engine Opportunism, because that's what it really is...."
Lol. Perhaps you should do another article "how to make yourself look like a moron in 1 blog post"?
Reply
11-30-2007 @ 7:06PM
Doug Heil said...
NO. Christina is not a moron. She simply reads many of the silly "social media" sites and writes about what she reads. That's all. It's OUR industry's fault for NOT educating the outside world about what REAL SEO is and is not. Don't shoot those out there who are trying to understand.
Heck people; can we really blame someone like Christina when our own damn industry tries to blur the lines whenever they can between REAL SEO's and blackhat spammers? I can't blame her at all, but I DO blame our own industry.
Heck people; our damn industry INVITES blackhat spammers to speak at conferences. That's right; they sure do. OUR industry leaders take monies from Blackhats for advertising. What the hell do you expect Christina to think about things anyway? What do you expect anyone to think who does not live and breathe SEO stuff every day?
It's time the REAL SEO's in this industry stop being a bunch of babies and start taking on responsibility for their own industry and how others think of it.
Reply
11-30-2007 @ 7:45PM
Christina Warren said...
Thank you for your response, Doug; it really summed up my own feelings as to the whole blurred lines between so-called black hat SEOs and the legitimate guys.
No, I'm certainly not an expert at SEO - and in the future I will try to differentiate between the two groups that are both trying to use the label, because certainly not all SEOs are the same. As you said though, it is problematic for those of us who are not entrenched in the SEO industry to not use the term when describing people who are straight up spammers (even if we qualify that with "some" SEOs) or people who are purposefully using SEO-like tactics to attempt to generate revenue, regardless of how well the site fits with the keywords, when so many people go out of their way to blur the lines between the two camps. It's not just the social networking sites that proliferate the confusion because they label SEO as evil (and my experience is actually that many social networking sites promote SEO - even if the SEO practices are blatant gaming and manipulated search results not related to content), it's many sites claiming to be SEO sites and networks as well. While they might not be true-SEOs in the strict, white hat industry defined way, there is nothing stopping them from proclaiming to be part of the SEO industry, or that their tactics are against or at least, different, from what a "real" SEO is trying to achieve.
That was my whole point about a different term - I totally understand that "black hat" exists - but while that is totally applicable to something like the malware infested attackers that were the subject of this article (which is why I called them attackers as many times as possible, and only used SEO-poisoning because that was the term used by the security experts at Sunbelt), the group I described (and am accused of overgeneralizing as all SEOs - and that's a valid point, as I said, in the future I will try to differentiate) in my last paragraph doesn't really fit the profile of what I typically call "black hat" - because they aren't invading people's systems.
I guess my rambling point in all of this is that I agree with the responses that say that it is wrong to set all SEOs in the same category -- I thought I had made that clear in my original piece (clearly, that was wrong) -- but that doesn't change the fact that lots and lots of people using tactics masqueraded as SEO (and under the guise that it is legitimate) still do things, that in my opinion, hurt the Internet community as a whole.
11-30-2007 @ 8:16PM
Doug Heil said...
I totally agree with that. Now why don't you try to educate the "SEO conference" people out there to stop blurring the blackhat/whitehat lines? "People" meaning everything involved with the conferences and search engines... including Google who also takes money from the blackhats. It's going to take outside people to make them understand the REAL problems in this industry. I certainly can't do it as they see me as a damn threat to them.
Reply
11-30-2007 @ 9:27PM
perkiset said...
@ "Blurring the lines" ...
@ "Masquerading as SEO..."
You're kidding, right? Do you really mean to say that the notion of search engine optimization, or for that matter websites or in fact the entire internet community can be cleanly cut between good and bad, right and wrong, black and white? And who is to define this, eh? The rules shift at Google as often as they need to to protect themselves. Ergo, based on this notion: WH yesterday, BH today. Through no doing of my own.
I do acknowledge, Christina, that you're backing off the "SEO folk are evil" platform and that is admirable, but there is still a fundamental flaw underlying the entire discussion. And I agree with you that *malicious intent* is something wholly different.
However it's really the entire SEO argument that is the problem. It's almost a religion! When was the last time you went to Digital Point and watched the so called avowed WhiteHats talk about what they need to do to get their clients (or themselves) to the top? It's as gray as can be! There is no "line" except in the minds of zealots.
I can argue ALL DAY LONG that the spam in my IRL mailbox is "damaging the world community" by killing trees to deliver a piece of useless drivel to me, but that does not stop the tide nor make the marketing efforts "wrong" - they are taking advantage of society as it exists. From that perspective, it is arguable that the vast majority of blogs are spam because they do no good to the collective knowledge base... they are often just otiose rants about how one is feeling today. So what if I find *THAT* stuff damaging to the "Internet Community?" Does that make it wrong, or would that make me simply an opinionated jerk?
Based on *MY MORAL FRAMEWORK* and value structure, I have an opinion about what is "right and wrong" and what is acceptable as non-spam and non-damaging. But I am in no position, and frankly neither is anyone here, to place judgement upon the efforts of others, whether it's to further the cure for cancer or sell viagra.
The 'net has become the wild west... and there will be preachers and prostitutes alike. Time to grapple with the hard truth that our personal value framework does not define the righteousness or evil of others' efforts to be heard.
11-30-2007 @ 9:12PM
Mark said...
"what I typically call "black hat" - because they aren't invading people's systems."
Black hat SEO is not about "invading peoples' systems". All black hat refers to is breaking the guidelines that search engines make up themselves. Who says we have to play whatever rules Google/MSN/Yahoo set? It's our bloody Internet, we make it - they just let us search it. If Google doesn't want me to be indexed, fine.
You miss the point that black hats are responsible for a hell of a lot of search improvements. I see them partially as search engine debuggers - it's them exploring the algorithms and finding loopholes that lead to better quality search results. Black hat doesn't even have to be connected to malware, you're getting your terminology totally mixed up.
@Doug Heil if somebody isn't educated on a topic, they shouldn't be making damning and sweeping statements. That's just retarded, if you're going to insult us - just do your homework first.
The whole discussion about "white hat" "black hat" is a crock of crud anyway. Any SEO worth their salt should know black hat, white hat and everything in between. I don't see how gaining extra links is "gaming" the search engines, surely that's just marketing, same as the offline world.
Google is running a business, we're running a business, that's life - if you don't like competitiveness and capitalism, go use sproose.com or something. I don't see why SEO's should have to educate everybody in the world to stop them making assumptions about our industry.
"Blurring the lines"? Google isn't clear itself what the lines are, just look at their quality guidelines, they are about as vague and on the fence as you can get. White hat SEO barely works, Black hat gets you banned, the most effective SEO lies somewhere in the middle.
Get used to it, it's not going away.
Reply
11-30-2007 @ 9:58PM
perkiset said...
Bah. The more I re-read this the more it pisses me off.
Ask the travel experts
Travelers Insurance
Fly SouthWest Airlines
Jim Cramer on Blogging Stocks
Lending Tree
Intel Centrino Duo
WhatADifferent.org
Samhsa
Ads by Google
Boostup.org
AOL Money and Finance
Radio Shack
These ads are a smattering of what appeared on THIS RENDERING of your website. Why do you show ads? To make your money. What do you need to be effective? Traffic. What do you do to get traffic? Work on buzz, social networking, backlinks - and this results in ... wait for it... high search engine placement! Which results in more eyeballs, more traffic and a nicer car.
The problem is that you won't admit that you are exactly the same... you just use different methods. You cloak yourself in righteousness as if *this very blog* is some altruistic giving from your heart and a sacrifice on your part. Personally, I prefer to hang with people that are more honest about their intentions and methods. Spam about viagra and mortgages and mesothelioma may be a pain in the rear, but they are at least honest by comparison.
Reply
11-30-2007 @ 10:16PM
Mark said...
@perkiset
You put into words exactly what I cba to type =)
Reply
12-01-2007 @ 5:31AM
Kalena Jordan said...
Sorry, but I can't take seriously anyone who has "seo poisoning" as a blog tag. You've just lost this site a potential subscriber.
Reply