Google Owned: Botnets Collapse Link Algo

by Ruud Hein December 4th, 2007 

Quick recap;

Google created a problem for itself when it chose links to a web page as one of the corner stones for ranking web pages.

As the web of links form link patterns, manipulating links isn't that easy. Unless you can manipulate the link pattern itself…

Manipulating Link Patterns

Anyone who has ever attempted 3-way linking is familiar with the idea of manipulating link patterns. Truth is, with a couple of sites in your farm, the setup remains transparent.

But using 50,000 sites you could do major damage to Google's link based algorithm and convince it of your relevance for any query you desire.

Google Owned

google-owned And that's precisely what's been happening over the past weeks where botnet generated .cn spam domains were grabbing #1 search results in order to push malware to the visitor landing on their pages.

Last week alone, criminals posted 40,000 to 50,000 of these malicious pages in a single, coordinated attack, said Alex Eckelberry, CEO of Sunbelt.

"What has surprised security researchers was the scale of this," Eckelberry said. "This was a very big attack, a very fast bolt from the blue."

1000's of links on 1000's of spam sites, forums and blogs, push 1000's of domains to first page Google results.

By posting tens of thousands of Web sites simultaneously, criminals can take over all the top spots on a search results page, casting a wide net that's more likely to catch Web users.

Eckelberry described these criminals as "SEO Gods," saying they can "take any site and get it on the first page of Google results."

suspiciouslinks12388The screenshot on the right, courtesy of Sunbelt security software, shows domain after domain of spam owning Google.

Although Sunbelt reported last week that Google has removed these sites from the index, using Sunbelt's own example query funny drunk quote site:cn at the time of writing still show  these sites own position 5 through 100.

Botnets Own Google

Face it, if links from different domains on different IP's is what Google wants, 70 million compromised computers can provide that.

Today's botnets consist of more machines than Google owns.

They can take down Europe's most connected country.

They can certainly take down a link-based Google — and this time asking for "nofollow" and otherwise throwing a PageRank penalty won't help.

Further reading:

Ruud Hein

My paid passion at Search Engine People sees me applying my passions and knowledge to a wide array of problems, ones I usually experience as challenges. People who know me know I love coffee.

Ruud Hein

You May Also Like

4 Responses to “Google Owned: Botnets Collapse Link Algo”

  1. Mack says:

    First let me say, nice "Owned" image. I think your right and Google is victim of owns success. I think they are trying to correct the problem now, but it just seems to late with a complete makeover.

  2. [...] Again, this is not going to work. One single company, no matter how big, cannot police the whole Web. No matter how hard it tries, people will keep finding ways to exploit link vulnerabilities(via searchenginepeople.com). [...]

  3. Matt Ridout says:

    Very very interesting. Large scale mass domination, at least it didn't last.

  4. I just paid good money to get my laptop cleaned of junk. F*** the spammers. F*** the hackers. I have good manners, but these assholes are too much. They should make a bulk spam report tool for this, and power up the sandbox effect for things targeting competitive queries, as well as turn up the spam checking while sites are in the sandbox. And only turn it down mildly once that's done, because of the possibility of bait-n-switch (turn whitehat sites black after they're out of the box).