(LiveHacking.Com) – Russian security researcher Denis Sinegubko has posted details of 4,358 WordPress blogs that are poisoning Google Images to insert doorway pages that redirect visitors to fake anti virus sites.
These doorway pages replace the original content with twenty or so “thumbnails” and short text snippets relevant to different keyword searches. Subsequently they are picked up by Google’s spiders and can rank quite well for some keywords both in Google Web search and Google Images search. The malicious redirects occur only when users click on Google Images search results. The redirects take the users to a landing pages that pushes a fake anti-virus tool.
The details where posted on the Unmask Parasites blog. Unmask Parasites is an online web site security service that helps reveal hidden content that hackers have inserted into web pages.
Denis goes on to give some good advice to webmasters:
- Regularly check statistics for suspicious requests.
- Check Google Webmaster Tools for suspicious search queries and indexed pages.
- Make sure your WordPress is up-to-date.