General discussion

Benutzerbild

Massive Google bomb in progress

Thu Oct 29 04:07:58 2009 – lunboks

I just noticed this: Do a Google search for "borderlands ports pc" or variations. I figure a lot of people must be searching this since Borderlands (a game that just came out) requires you to manually open some ports.

http://www.google.com/search?q=borderlands+ports+p...

The results consist 100% of infected domains that serve redirects to malware (or sometimes cnn.com, for some reason).

Benutzerbild

Not Quite What You Got

Thu Oct 29 10:03:40 2009 – angelopc

I ran the search and saw a variety of sies that were rated as safe. Yes, there were many that were dangerous, but not nearly all of them.

Ed Coyne
www.AngeloPC.com

Benutzerbild

Is a useful observation

Thu Oct 29 14:33:41 2009 – js9600

Is a useful observation though since many will attempt to guess your keywords and SEO their way to the top - with not so great content. Is a big time hobby when it comes to malware, more consistent perhaps. Crappy reseller/affiliate links try to come across as real helping sites for example. That same tactic is seen with shiny new keyword, or opportunity, just shows importance of taking it easy at Google.com Anything unknown among 10-20 first hits should be checked out - may be through a Google search :)

Benutzerbild

never visit an unknown (to

Thu Oct 29 21:42:55 2009 – demonluo

never visit an unknown (to u) site w/o sandboxie (or any of it kind of virtual protection)...

Benutzerbild

@angelopc

Thu Oct 29 22:18:44 2009 – Warxas

To verify black-hat SEO posining you must be fast. In a few hours the malicious sites may be gone. ;)

Now, what I found. I'm not sure about this, because I only checked quickly.

The first result, miamibeachdj.com is malicious, said so by Google.
I would not rate it red though, because it seems to be a victim. Since It has only had malicious content once in the past 90 days.

The second result ufologie.net fourth eliboat.com and fifth arabsforchrist.org redirect to cnn.com.

Results three and six are rated red in WOT.
christinemaudy.com and becomingaradiologist.org

So like lunbrooks said, I would avoid searching for borderlands ports pc, for a while! :D

Benutzerbild

Gumblar-ed Web sites

Fri Oct 30 04:51:13 2009 – amishrabbit

They all look like they've been hit with Gumblar, and are being promoted by BHSEO techniques.

The sites all use the same URL patterns:

example.com/?t=borderlands-pc-ports

The Google bot is presented with a version of the site which contains only keywords -- check the Google cached version of the page. That's part of the SEO.

I would like to say right now, for the record: the tards behind stuff like this are so unerringly dull it's unbelievable. I'm so *bored* of this.

Benutzerbild

^^ Like all are...

Fri Oct 30 05:49:44 2009 – jpvip

I find all malware writers to be dumb. One way or the other, they seem to do something dumb, or even stupidly smart.

Maybe some of the bigger malware is done by stupidly smart, but the rest are all dumb.

~DragonMaster Jay, malware researcher,
Admin, helpmyos.com

Benutzerbild

I don't think they're necessarily dumb

Fri Oct 30 17:49:32 2009 – amishrabbit

Just boring. So repetitive. So predictable. Yawn.

Benutzerbild

This post may help people

Sat Oct 31 00:23:38 2009 – wehaveitall

WOT is pretty high in search results, and this post may eventually be on the first page, reducing the people who click the dangerous links.

We rate the websites, the WOT staff creates, and advertises the add-on, and together, we make it all happen.