Is Spamdexing on the rise?

There has been a lot of media coverage lately on this subject … while it’s (finally) nice to see this problem is getting the attention it deserves … this is nothing new. Spamdexing has been going on for years …


Spamdexing or search engine spamming is the practice of deliberately and dishonestly modifying HTML pages to increase the chance of them being placed close to the beginning of search engine results, or to influence the category to which the page is assigned in a dishonest manner. Many designers of web pages try to get a good ranking in search engines and design their pages accordingly. Spamdexing refers exclusively to practices that are dishonest and mislead search and indexing programs to give a page a ranking it does not deserve.” [source]


In a recent article “Google Cleans Up Returns; Yahoo Not So Much” it states: “For instance, on Nov. 29 Benedini searched for the word “giubbotto” (Italian for “jacket”) in .info domains and found that nearly all of the sites returned by Yahoo redirect to malware.”


So I went to Yahoo and used the search terms defined and sure enough those results are truly infected with malware. What’s not mentioned is that the malware (99.9%) were being hosts from the same IP Address …


While the big search engines may have cleaned up the “search terms” they can do nothing about the Spamdexing itself. These culprit have posted malicious links in Forums, Guest Books, etc … and as usual these posts are mainly to sites that have not updated their software making it easy for these culprits to continue with their evil activities …


There are 437 sites listed on that one IP address and in checking each site shows up in a Google search with about 3500 results … 437 sites x 3500 results = 1.5 million pages … ouch!



As you can see they have posted malicious links in many different country’s making this a world-wide problem …and sadly in most cases these culprits use automated software to make these postings.


Thankfully my Antivirus (NOD32 from eSet) detected all the malicious links and blocked access to them …



If you look closely you’ll see a pattern in the “.js” files … virtualy all the same. Since these sites are hosted in Russia it’s doubful anyone will have much sucess in getting these sites shut down …




Comments are closed.