Thousands of Hacked Sites Seriously Poison Google Image Search Results
This investigation began a few weeks ago, when I came across the following two threads in website security forums: [badwarebusters.org] Lately I have been seeing a huge increase in the number of hacked sites appearing on google image search results that redirect to a fake Av scanner. more »» [Google Webmaster Help] google image search results often has multiple infected / malware sites on the first SERP page. more »» This is a well known problem. I blogged about such SEO poisoning attacks several times here. This time I decided to check what’s behind the reported increase in malicious image search results. The attack uses cloaking to feed keyword-rich pages with hot-linked images to search engine bots and return a malicious JavaScript that redirects to fake AV sites to visitors that come from search engines. Here’s a screenshot of a typical Google Image search results page where I highlighted suspicious results Pink frame: the image is hot-linked, Red frame: the results is outright m