Welcome to WebmasterWorld Guest from 35.171.183.163

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

Malicious attack! Can they do this on Google too?

     
3:32 pm on Jan 28, 2006 (gmt 0)

New User

10+ Year Member

joined:Jan 23, 2006
posts:8
votes: 0


A client of mine had a #1 ranking in Yahoo but it is now gone. Thing is, he is not delisted at all, his listings are simply to his IP now instead of his domain. So when I query yahoo for "hostname:domain.com" nothing comes up, but when I query it for "hostname:xx.xx.xx.xx" it shows all his pages by IP instead of domain.

We were wondering if somehow a competitor did something to alter how the site is indexed, so have implemented 301 redirects back to the main www.domain.com URL from all the other copies of the index. (By the way, will that do it once and for all for Yahoo...will they start to index the site properly now?). And now he gets this email - turns out the change in Yahoo WAS due to a malicious attack! Some anonymous Chinese bugger sent this to my client today!

"I remove you from Yahoo...ever wonder how I do it? Next one must be the google."

Any ideas how he did it? And can he really do it in Google?

Any advise is much appreciated guys! Thanks!

5:43 pm on Jan 28, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:Sept 2, 2002
posts:446
votes: 0


If anyone has any idea how this was done, I for one would much appreciate if you'd sticky TopNet with the info rather than post it here. :)

Also, no offense intended TopNet, but some folks might wonder if you're really having the problem you describe or if you're fishing for info on how to do it to someone else. My guess is that you're on the up and up, but we've seen all kinds of tricks on this board.

6:07 pm on Jan 28, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 4, 2002
posts:1069
votes: 2


OMG. :-o

There are some here who are less than honorable?

6:18 pm on Jan 28, 2006 (gmt 0)

Full Member

10+ Year Member

joined:Nov 12, 2003
posts:335
votes: 0


ignore please - wrong thead! :)
7:55 pm on Jan 28, 2006 (gmt 0)

Junior Member

10+ Year Member

joined:Nov 23, 2003
posts:44
votes: 0


This sounds interesting - 'tho surely not possible?

Anyone know more about this? I don't think it would be a good idea for anyone in the know to specify how it's done (if it's possible) for fear of similar 'attacks' but it's worth knowing if there is a genuine risk here.

8:05 pm on Jan 28, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 30, 2004
posts:712
votes: 0

8:43 pm on Jan 28, 2006 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 8, 2005
posts:155
votes: 0


Have you tried doing a search using yahoo's site explorer tool to see if you can determine who may be linking to your site using your IP address?

Have you considered trying to trace the e-mail back to it's sender so you might return the favor to the Chinaman?
10:06 pm on Jan 28, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 14, 2004
posts:602
votes: 0



Well, Yahoo is known for its poor spider - They don't need any help, they can very well screw up a website by themselves fro no reason!

I don't think that google would ever fall into this one.

10:18 pm on Jan 28, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 19, 2003
posts:804
votes: 0


To answer the question as posed.

Yes, it is just another form of the canonical page issue.

If the bot is given a link and the server it visits (or thinks it is visiting) returns a 200 or a redirect chain ending in a 200 resonse this can happen.

2:59 pm on Jan 29, 2006 (gmt 0)

New User

10+ Year Member

joined:Jan 23, 2006
posts:8
votes: 0


Thanks TheBear :-) I stickied you...

And I am certainly NOT the one doing the malicious attacking, but since you don't know me from Adam I suppose you could think that.

"If anyone has any idea how this was done, I for one would much appreciate if you'd sticky TopNet with the info rather than post it here. :)
Also, no offense intended TopNet, but some folks might wonder if you're really having the problem you describe or if you're fishing for info on how to do it to someone else. My guess is that you're on the up and up, but we've seen all kinds of tricks on this board.
"

No offence taken. Please do that, sticky me with any idea PLEASE! Thanks again everyone (and sorry for the seemingly duplicate thread...but am wondering if whatever the Chinese guy did can be done on G too).

And we will try to track the email...good idea!

3:06 pm on Jan 29, 2006 (gmt 0)

Junior Member

10+ Year Member

joined:Nov 11, 2002
posts:140
votes: 0


Someone bought a whole load of expired/unrenewed domain names - several thousand - and created as many home pages that pointed back to themselves.

To give this effort some apparent legitimacy, they scraped text from all over the place and stuffed it into the botom of their pages.

Unfortunately for me, one of the text lumps they picked up was a Wikipedia entry that - unknown to me beforehand - contained a link to my site.

So, overnight, Google "saw" about 4,000 pages appear all of which linked to me with the same anchor text.

It's destroyed the "link:" search function - it used to work just fine and was very useful (I'm in a very non-competitive area and anyone linking to ma HAS to be in the same business) but it's gone.

As far as I can tell, there has been no effect at all on my SERPS position. But - prima facie - I now _look_ like a link spammer.

Everything I've done myself is strictly white hat. I wonder if Google's spam spotting algorithm counts the type of transgressions and only jumps on those that do more than one?

3:55 pm on Jan 29, 2006 (gmt 0)

Full Member

10+ Year Member

joined:Sept 13, 2003
posts:214
votes: 0


As far as I can tell, there has been no effect at all on my SERPS position. But - prima facie - I now _look_ like a link spammer.

In cases like this would it be worthwhile getting in contact with google preemptively?