Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
Loading site search ...

Using Wget to Detect Hijacked Search Engine Traffic

07 Apr 09   Filed in Tips and Tricks with Comments Off on Using Wget to Detect Hijacked Search Engine Traffic

Some time ago I had a series of post about the .htaccess exploit that redirected search engine traffic to bogus Antivirus sites.

This sort of exploit is still very wide-spread. Many site owners wonder why Google blacklists their sites when their web pages are absolutely benign and sites mentioned on Google’s Safe Browsing Diagnostic pages have absolutely nothing to do with their site’s content.

Here is an excerpt from a typical Safe Browsing Diagnostic page for an affected site:

Malicious software is hosted on 5 domain(s), including best-antimalware-pro-scan .com/, fastantimalwareproscanner .com/, fullantispywareproscan .com/.

4 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including module-antispyware .info/, securedradiostation .cn/, great-antispyware .info/.

When I see multiple antivirus-related domain names in the diagnostics, I almost sure the site has a hacked .htaccess file that redirects search engine traffic to scam sites. Still I need to verify my guess.
Continue »»