Windows Live Search Has Been, um, Googlebombed
A gang of hackers known as the Linkoptimizer Gang (aka Gromozon) upset Windows Live Search results in Italy last week by manipulating SERPs to return spurious pages, Symantec's security blog reports. The manipulated pages apparently don't contain malicious software as yet.
Google was targeted in 2006 by the same gang, in a scheme that attempted to install a Trojan.
How bad is the recent Googlebomb (or Live Bomb, if you think it more apropos)? The Gromozon gang selected a list of popular Italian keywords -- including "translation lyric song," "health subscription" and "model calendar" -- then registered domains using other Italian words. From Symantec:
The left column of this page has a long list of URLs that link to other weird pages. The goal is to create a sophisticated and intricate spider web of self-referenced Web pages that will get the highest rank from Internet search engines. That’s because search engine algorithms analyze how pages are linked using graph theories. The more a page is referenced by external links, the more popular this page becomes. The web spider structure (the structure of pages like the ones created by the Gromozon gang) is used to trick the search engines into displaying the specific results the attackers want. We observed that the problem affects Windows Live for Italy and Germany, and also some other Italian versions of other search engines (e.g. Lycos), but with a lower impact.