14 DAY TRIAL // An investigation has revealed that over 100 top US universities have been hacked and injected with SEO spam with the purpose of boosting the search engine ranking of an online gambling site.
The infections are still active on many sites, even today, and consist of just two-three words inserted inside the page's text, linking back to the online gambling portal.
Whoever has done this has been very careful not to attract the user and webmaster's attention. All links inserted on these sites are disguised to use the same text foreground and background color, and hide the link's underline.
As such, the links blend in the page's background, but search engines will detect it and use it to calculate a better search engine ranking for the linked site, in this case, the online gambling portal.
Hacked websites were promoting an online gambling portal
Israeli SEO firm eTraffic says it discovered the hacked sites after it investigated the mysterious apparition of a new online gambling service that managed to skyrocket to the first page of some Google search results for highly valuable keywords (search terms), such as "real money slots" or "slots."
Their investigation revealed that countless of .edu and .gov websites were linking back to this new website, which is extremely peculiar since government and educational portals almost never link back to gambling sites.
"Backlinks from TLD sites of .edu and .gov are highly coveted and possibly the most valued search engine optimization resource," eTraffic's Assaf Dudai explains. "Some of this [competitor gambling] site's links were coming from the most prestigious universities in the States, even one Ivy League – Stanford."
At this point, it was obvious to eTraffic that, by the way links were disguised, someone had compromised these websites and inserted the URLs without the owner's knowledge.
Many compromised sites run WordPress
A few of the compromised sites Softpedia tested were all running on the WordPress CMS, one of today's most popular website hosting toolkit, but also one of the most hacked web platform.
There have been multiple cases in the past when crooks took over WordPress sites, added them to a botnet, and posed as SEO boosting companies.
Whenever a client would use their services, they would insert links to their customers on the hacked websites, helping them improve their SEO ranking, but by illegal means. Google penalizes websites that promote themselves using hidden links.
It may be totally plausible that the gambling site's operators actually bought legitimate SEO services and aren't currently aware that their service is promoted using this illegal technique.
Below is a list of all the top US universities linking back to the online gambling site, the pages where the links were inserted, and the keywords promoted on each page.
