14 DAY TRIAL // This is not new but it seems like it is getting more serious. Google is now assaulted by a considerable number of dangerous websites which redirect the users to virus equipped pages attempting to infect the visitors' computers. The Google Watchdog did an interesting analysis over this matter and revealed that most of the spamming websites included in the Google SERP are coming from .CN domains.
It seems the spammers prefer to use the Chinese domain because they are incredibly affordable as anyone can buy one for less than a dollar. The interesting fact is that even if the super giant Google struggles to filter the results provided to the users, many of the spammers managed to bypass the protections using the Chinese domains and clean websites used to drive traffic to the infected pages.
"The .cn sites don't appear to be hosted ANYWHERE. They are simply redirected domain names. How they got ranked in Google in such a short period of time for fairly competitive keywords is a mystery. Google's index even shows legitimate content for the .cn sites," The Google Watchdog mentioned in the blog post.
However, I'm extremely curios to find out how they managed to trick the Googlebot and index a website as long as it contains redirect scripts bundled with malicious content. It appears like the dangerous pages are redirecting the Googlebot to legitimate pages used especially for Google Search inclusion. After the search engine has finally indexed them, the spammers are inserting the malicious content into the pages and start the entire procedure.
"These sites are numbering in the millions for many different keywords and phrases, and appear to be developed on an automated basis," the blogger wrote. No search query is mentioned in the article but according to a security expert, some of the websites are really dangerous for users' computers.
"We've seen a real surge of this thing over the last couple of months. By putting out just the landing pages, they get up near the top of the search results and potentially get a lot more victims before they get shut down, " Roger Thompson, a Exploit Prevention Labs researcher said for The Register.