Google created a problem for itself when it chose links to a web page as one of the corner stones for ranking web pages.
As the web of links form link patterns, manipulating links isn't that easy. Unless you can manipulate the link pattern itself...
Manipulating Link Patterns
Anyone who has ever attempted 3-way linking is familiar with the idea of manipulating link patterns. Truth is, with a couple of sites in your farm, the setup remains transparent.
But using 50,000 sites you could do major damage to Google's link based algorithm and convince it of your relevance for any query you desire.
Google Owned
And that's precisely what's been happening over the past weeks where botnet generated .cn spam domains were grabbing #1 search results in order to push malware to the visitor landing on their pages.
Last week alone, criminals posted 40,000 to 50,000 of these malicious pages in a single, coordinated attack, said Alex Eckelberry, CEO of Sunbelt.
"What has surprised security researchers was the scale of this,” Eckelberry said. “This was a very big attack, a very fast bolt from the blue."
1000's of links on 1000's of spam sites, forums and blogs, push 1000's of domains to first page Google results.
By posting tens of thousands of Web sites simultaneously, criminals can take over all the top spots on a search results page, casting a wide net that’s more likely to catch Web users.
Eckelberry described these criminals as "SEO Gods," saying they can "take any site and get it on the first page of Google results."
The screenshot on the right, courtesy of Sunbelt security software, shows domain after domain of spam owning Google.
Although Sunbelt reported last week that Google has removed these sites from the index, using Sunbelt's own example query funny drunk quote site:cn at the time of writing still show these sites own position 5 through 100.
Botnets Own Google
Face it, if links from different domains on different IP's is what Google wants, 70 million compromised computers can provide that.
Today's botnets consist of more machines than Google owns.
They can take down Europe's most connected country.
They can certainly take down a link-based Google -- and this time asking for "nofollow" and otherwise throwing a PageRank penalty won't help.
Further reading:
- Botnet Counter Measures (CERT - PDF):
"If we can not beat botnet, we will not be able to really beat DDoS, worm, spam, trojan, phishing, etc." - More Google poisoning on the way?
"We have seen another spate of websites freshly registered, using the similar .cn domains." - Attack of the Zombie Computers Is Growing Threat, New York Times:
"...what worries me is that the scope of the problem is still not clear to most people"
First let me say, nice “Owned” image. I think your right and Google is victim of owns success. I think they are trying to correct the problem now, but it just seems to late with a complete makeover.
Very very interesting. Large scale mass domination, at least it didn’t last.
I just paid good money to get my laptop cleaned of junk. F*** the spammers. F*** the hackers. I have good manners, but these assholes are too much. They should make a bulk spam report tool for this, and power up the sandbox effect for things targeting competitive queries, as well as turn up the spam checking while sites are in the sandbox. And only turn it down mildly once that’s done, because of the possibility of bait-n-switch (turn whitehat sites black after they’re out of the box).