Hacker adds hidden links to major .gov and .edu pages, gets 100,000s of pages in SEs

Discussion in 'General Marketing' started by webplayer, Jan 8, 2007.

0
  1. #1
    While defacing websites is a quick way for a black-hat hacker to get his name out there, if you want to make some quick cash instead, it's much better to remain undetected. This hacker was able to do just that and not simply to some obscure, user editable page of a rarely visited site, but to many pages of a major U.S. University, including its department homepage, a U.S. goverment website, and at least two other important organizations. He has remained undetected for at least two weeks (likely much longer) until now.

    Hacked sites - the evidence:
    Examine the last part of the source code for:

    * http://www.music.uga.edu/ (University of Georgia School of Music homepage) and many other pages on this server, ex. http://www.music.uga.edu/degree_programs/undergrad/
    * http://www.srs.fs.usda.gov/customer/ (USDA Forest Service Comments Info) and many other pages on this server, ex. http://www.srs.fs.usda.gov/history/index.html
    * http://www.sanch.org/ (South African National Cultural Heritage Program)
    * http://www.h-net.org/ (Humanities and Social Sciences Online)

    As might be expected, these websites are all ranked as quite important
    in Google with PageRank of 7 or 6. These pages were served in their hacked form for at least two weeks according to various search engines' caches. The Internet Archive shows that they were unaffected before May, 2006. All four of these servers are running Apache. The last two appear both to be hosted at the Michigan State University (msu.edu).

    I posted some more information about the hacker's sites in a post at http://newsearch.wordpress.com/2007/01/08/hacker-adds-undetected-hidden-links-to-major-gov-and-edu-pages/
     
    webplayer, Jan 8, 2007 IP
  2. mcfox

    mcfox Wind Maker

    Messages:
    7,526
    Likes Received:
    716
    Best Answers:
    0
    Trophy Points:
    360
    #2
    Wonder if Google will deindex the .edu's for having hidden text? ;)
     
    mcfox, Jan 8, 2007 IP
  3. aaron_nimocks

    aaron_nimocks Im kind of a big deal Staff

    Messages:
    5,563
    Likes Received:
    627
    Best Answers:
    0
    Trophy Points:
    420
    #3
    This techinique has been around for awhile and its worthless now. Its been tested and the links dont pass any link value. Big waste of time on his part.
     
    aaron_nimocks, Jan 8, 2007 IP
  4. webplayer

    webplayer Peon

    Messages:
    4
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #4
    I believe they work just fine in Yahoo - they are showing in linkdomain for example. This part is less interesting to me anyway, compared to how a major university department homepage and a government website were hacked without being noticed. 100,000s of spam (and copyright violating) pages indexed in Google and Yahoo is just a side note.
     
    webplayer, Jan 8, 2007 IP
  5. KniveZ

    KniveZ Active Member

    Messages:
    458
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    60
    #5
    Most of it is guestbook garbage...They quickly get deleted once in the serps. Jealous people report them to the university :p
     
    KniveZ, Jan 8, 2007 IP
  6. webplayer

    webplayer Peon

    Messages:
    4
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #6
    What is guestbook garbage? Maybe his other links, but not the ones I wrote about. And why does it take a "jealous" person to report hacking?
     
    webplayer, Jan 8, 2007 IP