Hacked Website Spam Running Rampant in Google Search Results

Return to Blog

Over the past couple weeks, I have been seeing more and more hacked websites rank very well for topical keywords in the Google search results. It appears that all of the sites in question are in fact legitimate websites but somehow share a common vulnerability which enables them to be exploited by the hackers to easily rank for specific keywords and distribute malicious spyware.

For example, I just tried a search for more information on "Anthony Sowell" who is the serial killer in Cleveland that the evening news keeps covering. The screenshot below shows that the four websites ranked from the 6th to 9th positions are all compromised and share the same parameter "?kkk=anthony-sowell."

If you click on any of those 4 results, you will be redirected to another domain that attempts to install the malware on your computer.

Want more screenshots? You got it.

I picked some more examples of trending keywords on Google Trends, such as the company "Coins for Anything" that was recently highlighted in the news. Five of the Top 10 results are spam.

And yet another one for some guy named "Robert Lozier." In this case, 3 of the Top 4 results are spam.

I have seen other variations such as "?q" and "?loop" and "?mowp" so it's not just the "?kkk" parameter.

Historically, I think Google has done a pretty good job of combating spam and malware sites in their search results, especially when compared to any of the other search engines, but it seems recently that the amount of spam has increased significantly. Please share your thoughts in the comments below.