Google Adsense Page Highjacked

[patrickdeese]

Earlier this evening I noticed that Google's Adsense homepage had gotten highjacked by the same meta refresh trick that has been taking out people's pages in favor of redirected pages.

I've got a screencap on my blog, and Jenstar has some great analysis on her blog.

It really is time for Google to straighten out this redirect highjacking mess once and for all.

If someone with a PR 5 domain can highjack a PR 9 from Google's own website, anything is possible.

[DaveN]

you wouldn't think a simple webpage like :

HTML Code:

<HTML>
 <HEAD> 
<META HTTP-EQUIV="Refresh" CONTENT="0; URL=https://www.google.com/adsense/"> 
<TITLE></TITLE>
 </HEAD> 
<BODY> 
</BODY> 
</HTML>

Would cause so many problems..

DaveN

[Mikkel deMib Svendsen]

An even more beautiful (however, less funny) example is the DarkSEOTeam at www.pr10.darkseoteam.com - if you haven't seen this one yet please enjoy yourself and go ahead and check it out. It's been sitting there since December and just keeps on rocking

[dannysullivan]

Awesome find, Mikkel. Just to shed some light:

http://www.google.com/search?q=link%...arkseoteam.com

http://www.google.com/search?q=link%3Awww.google.com

Nice, same backlinks

[Mikkel deMib Svendsen]

Yes, there guys are pretty cool. I don't know them (I think) and most of their documentation is in French so my reading of it goes REALLY slow

Just n case anyone is unsure about what is happening here: they've cloaked the redirect and, I believe, added a few more details to it but basically we are talking hijacking here - and as far as I am aware, the first Google hijack. And as I said, it's been around since December and if Google don't know about it yet they must be f.... blind.

[DaveN]

Mikkel thats just pr jacking... hehehe funny thou..bit like the good old days jack pr sell domain on ebay :0

DaveN

[Mikkel deMib Svendsen]

Yes, both this and the adsense examples are interesting though, because this one hijack only PR (and I would normally assume thats because Google itself has a higher PR) but the Adsense example actually hijack all backlinks and ranking as well. I am not sure if they both do META-refresh or if Darkseoteam do server side 302s (I haven't checke with my secret Googleplex proxy yet )

[DaveN]

hehehe... plexproxy.. you got one too

[Mikkel deMib Svendsen]

Quote:

hehehe... plexproxy.. you got one too

Yes, but please don't tell too many. I am not even sure if it's legal

[dyn4mik3]

This is the translation of how they do the PR hijack.

Translation from the Spanish Version

Looks like a cloaked 301 redirect for googlebot and a normal page visual for users. I used the google translation, so it might be off. Can anyone read it a give a better run down?

[patrickdeese]

The difference between the dark SEO page and this one is that the dark seo guys are just cloaking a 301 redirect to the google home page - so they end up showing Google's PR and backlinks - this guy's page has actually *become* the Adsense home page, as far as Google is concerned.

If he was "entrepreneurial", he could use one of several different types of UA detection to force people to end up at any page he wanted to - he could use JS detection to send people to the Yahoo Publisher Network home page, for instance.

[dyn4mik3]

He could also start phishing for adsense accounts if he put up a duplicate of Google's page. Scary.

[Mikkel deMib Svendsen]

Yes, the adsense guy dosen't cloak - the dark people does. I am not exactly sure what kind of redirect is behind the dark-cloak but we know it's a META-refresh for the adsense guy.

Now, the interesting part is what else might be the difference. The cloaking in itself is dosen't make any difference to Google - thhey get the redirect in any case. The dark-guys just chose to give users something else.

And I agree, it would be really fun if the adsense-guy change his META-refresh so only Google gets it and send users to Overture - I am sure that will speed up Googles hijack fix I hope he dosn't go the phishing rooute ...

[DaveN]

i don't think he could ... he would be hunted down and beaten with google mini's.. ( they are quite heavy by all accounts )

DaveN

[dyn4mik3]

Edited for Selective Vision - thanks for the correction

[patrickdeese]

> They are both using some form of a 301 redirect to hijack, so why the different results?

dark SEO - is giving googlebot a 301 (moved permanently) redirect to the home page.

"other guy" - has a page with a meta refresh to the Adsense page - Google has substituted his URL for the Google Adsense URL.

They are not both using 301, only one is.

[dyn4mik3]

Yeah sigh, for some reason I thought it was a 301 - even though all the posts are talking about a meta-refresh. Heh.

Talk about selective vision.

[DaveN]

yep it's only a few conditions that are left that will take a page out of the serps.. I know that google have cleaned up a few..

header 200 and a meta refresh=0 is one of them that still gets through

DaveN

(wow. i can't believe i wasn't a member here... i always thought i was... anyway back to the point)

PR hijacking is BASIC. all you need to do is setup a 301 redirect to a site that has a high PR (like google w/a PR10)... SIMPLE... just leave it up until the next page rank update (which can be 4months sometimes) and then take down the redirect afterwards.... the stupid toolbar gets fooled... you can tell if PR is being hijacked by looking at the backlinks... the backlinks will be the exact same as the hijacked page. [i actually tested it out w/a throw-away domain of mine during the last update... and worked just as planned]

302 or meta-refresh hijacking is completely different... (yet just as simple)... just 302 (or meta refresh) the site you want to hijack and in a couple days/week it will appear in the SERPs instead of their URL. this is a HUGE HUGE HUGE glitch in google, and something they need to address.. sometimes this goes on as an accident, but other time it's malicious. cloaking can be used to re-direct humans to other pages that the hijacker wants them to see.

in this case however, the refresh still goes to google's adsense page, so the user still gets relevant results.....

[orion]

Interesting serp recycling exercise.

Orion