Google Incapable of Eradicating OR now supporting Black-Hat ?

[dhayman]

This guy is making a mockery of Google with his illegal redirects using server NEVTAKT.INFO. All of the sites below are using this server to redirect (usually to Poker Site MANSION.COM). This spammer formerly used SEOEXP.INFO as his redirect server.

Here are some of the sites that come up with either "poker sites" or "best poker sites" (both without quotes). Note the following:

1) Commonality of the URL suffixes used by
this spammer;

2) Almost all URL's, when clicked, wind up going
to a redirected MANSION.COM site, using the NEVTAKT.INFO domain


I think the message that Google is sending here, is that Black-Hat is now OK.


xhttp://americanwomensuck.com/forums/cache/skin_cache/cacheid_4/topic/poker-7.html

xhttp://www.planetnana.co.il/p-sites/poker-sites.html

xhttp://images.innocentangel.userplane.com/stories/doc/poker-28.html

xhttp://tryengineering.org/TECMS/pdf/pdfread/poker-30.html

xhttp://www.worldpizzachampions.com/catalog/pub/data/poker-13.html

xhttp://notarylaw.com/pdf/fonts/ttf/poker-25.html

xhttp://notarylaw.com/images/button/poker-35.html

xhttp://martinarchery.com/o_manual/pics/upload/poker-15.html

xhttp://boulat.com/rlpro/Work/poker-12.html

xhttp://www.hottitude.com/social/member/list/poker-37.html

xhttp://boulat.com/fishyshoop/files/products/game/poker-35.html

xhttp://americanwomensuck.com/forums/cache/skin_cache/cacheid_4/topic/poker-9.html

xhttp://newhopecc.net/scrapbook/include/config/poker-39.html

xhttp://hollow-hills.com/phpBB/images/avatars/index/poker-8.html

xhttp://notarylaw.com/pdf/fonts/ttf/poker-32.html

xhttp://newhopecc.net/scrapbook/albums/avatars/poker-6.html

xhttp://www.hottitude.com/social/gallery/uploads/poker.html

xhttp://www.worldpizzachampions.com/gallery/gallery/poker-23.html

xhttp://wheresyourt.com/images/stars/poker-39.html

xhttp://images.innocentangel.userplane.com/stories/doc/poker-7.html

xhttp://martinarchery.com/o_manual/2001manual/img/poker-38.html

xhttp://www.rachacuca.clubedohost.com/upload/files/poker-34.html

xhttp://boulat.com/fishyshoop/files/products/game/poker-6.html

xhttp://www.hotboards.com/plus/plus.mirage?who=pokersites

[Casinomeister]

WARNING Some of those URLs contain Trojans. I picked up one at http://www.planetnana.co.il/p-sites/poker-sites.html

Did you complain to Google about this? Have you PMd Mansion (or any other casino rep whose properties are being marketed)? This would be a good start.

BTW, when posting - there is an option "Automatically make website links clickable" - you can unclick this to eliminate putting an x in front of URLs to make them unclickable.

[lots0]

Don't blame google for some site getting hacked because the site owner uses a non-secure CMS...

You might try contacting those sites that have been hacked...

Just go to the root domain name (hackedsite.com) and contact the whois listed contacts, just send them the hacked URL(s) and a note telling them they have been hacked.

Most folks will fix the problem and get the search engine spam and nasty software off their sites fast. Not to mention that google will penalize their entire site for not getting the hacked crap off their site in a timely fashion.

If you just want to report the hacked pages to google (google MAY contact the site owners before taking any action, which will delay removal of the hacked page from the index) use your google account and use the report spam option there... DON'T use the public accessible spam reporting page, no human will ever see it if you report it there.

These scumbag spammers are finding exploits in a lot of common CMS (Content Management Systems), the best way to get rid of all this crap is for the CMS programmers to start patching their products and writing new systems that are more secure.

>>>added stuff


By the By...

I have done this myself and it works...fast.
Not to mention that the site owners are very often grateful for being told their site was hacked...
I got a bunch of really good ‘free’ links from some very grateful site owners...

[jerryg]

Yeah, unfortunately, a virtually unlimited number of sites are vulnerable to cross site scripting and other nasties. They're actually lucky that all he's doing is throwing up spam content. If he has that much control over the server, he could get truly evil.

[lots0]

>>>Yeah, unfortunately, a virtually unlimited number of sites are vulnerable to cross site scripting and other nasties.


What I noticed was that MOST of these hacked sites allow users to post un-moderated comments or upload their own avatars or pics.

Most sites that restrict or moderate uploading of content from users don't have this kind of problem with getting hacked.

[winbig]

Quote:

Originally Posted by jerryg

If he has that much control over the server, he could get truly evil.

More than likely it's a "script kiddie" doing it, and is totally incapable of doing anything more than throwing spam up there.

script kiddie: Using pre-made tools to do the dirty work, with absolutely NO knowlege of how to hack. They will use tools to scan ranges of IP's for websites with this vulnerability, record which ones have them, then use another program to exploit it.

[lots0]

It don’t matter if it’s a script kiddie or a 1337, whoever is doing the hacking wants to make money using the domain they hacked.

If the hacker starts "getting evil" with the server he will get noticed perdy fast (in most cases) and then the hacker won’t be able to make any more money off that domain. So the scumbags want to stay un-noticed as long as possible, they just throw up a few java script redirects and fade away...

[dhayman]

I report all of these to Google on a regular basis, and am quite tired of doing so. They seem to eventually get rid of the links, but by the time the links are removed, a whole new batch have been indexed.

The perpetrator preys on sites that have "holes", that permit such uploads to be made. That, coupled with their black hat techniques, allow them to elevate to the top of the charts, so to speak.

I make an effort to contact all the effected sites. I never hear back from 75 % of them. Of the remaining 25 %, some thank me for the info, and others tell me to mind my own business.

The bottom line is that Google's filtering algorithms need to dig a little deeper, particularly when redirects are involved. Otherwise, this spammer in particular will continue to make a mockery of Google.

[lots0]

Quote:

I make an effort to contact all the effected sites. I never hear back from 75 % of them. Of the remaining 25 %, some thank me for the info, and others tell me to mind my own business.

Sorry to hear your results are so bad. I am getting the opposite results. About 85% thank me for letting them know. I don't understand why your results would be so different, unless your contact letter to the site owners is being classified as SPAM by the email servers and not getting through to the site owners.

Or maybe someone else has already contacted them...

Quote:

The bottom line is that Google's filtering algorithms need to dig a little deeper, particularly when redirects are involved.

Bottom line is that google does not 'HAVE' to do anything. Google does not owe you or I or any site owner squat. Google is going to do what is good for google, not what you or I think they should do.

Some folks act like google is the creator and perpetrator of their ranking problems... its not... it is just a search engine... and not responsible for your (or my) sites or the problems our sites may or may not have. If you don't like google, forget about them, there are many other sources of traffic out there, you just have to use your head once in a while to find them.

If you really want to bitch about a search engine... you should take a hard look at M$N... all their results for gambling keywords are bought and paid for... Maybe you should talk to them if you want guaranteed ranking in a search engine...