Google News and Yahoo! News Blog Spam

even google news and yahoo! news are being affected by blog spam these days.

recently we reported how del.icio.us, reddit and even amazon reviews were hit by comment spam, but now, it seems like we are moving up in the world. what comes around goes around and apparently the insistence of the search engines to index spam web sites now hurts them as well.

from the linked blog below, here are pics.

google:

yahoo!:

apparently, this spam is achieved by spamming covered web sites (much like with the sco defacement where the banner ad site was the one hacked). the search engines have no control over the sites they cover.

this is a basic implementation of “reflections on trusting trust”. the weakest chain in your security will always be attacked, while you can never secure every link in the chain, some of these will be too expensive for you or beyond your control. and if it if your partner or affiliate, well, there are only that many ways you can deal with it.

jeremy wagstaff covers this in his blog, where i learned of this:

but it’s not just ordinary search results that get spammed. it’s news. a search for “ringtones” on google news, for example, throws up “free mono ringtones” as the top item:

(“ringtone” throws up similar results.) amazing, not only is it the top story but all the six “related” stories you can see as a green link below the four are from the same domain, advertising a range of goods that can hardly be lumped together with ringtones, including sildenafil and tenuate. (searches of those words on google news also have the same domain as top ranked, at least at the time of writing. here and here. in fact the results for tenuate do not throw up a single news story; all eight matches are web spam.)

the sites in question are all subdomains of www.vibe.com, an online magazine which is indexed by google news for its pieces on musicians. the pages that hit the top rank of results for ringtone and ringtones, however, are community messageboard pages, and clearly marked as such, which makes me wonder how either the web spammer is fooling the google bots into indexing pages which are clearly not news by any definition, or why google’s bots aren’t doing the job they’re supposed to be doing.

yahoo! news’ search doesn’t do much better: its first hit is a web spam site under the domain www.ladysilvia.net, which doesn’t even pretend to be a news site.

well, this is getting interesting, isn’t it?

gadi evron,
ge@beyondsecurity.com.

Share