Some .edu domains also get hit with parasite hosting rather hard. That's been going on for a while, and I certainly hope Google can get a good handle on it.

Those .EDU sites are prime targets for black hat SEO hackers.

I never understand this. Why is Google bound to only visit a site with Googlebot? Surely sending Googlebot out and then having an automated Firefox/IE browser open each found link to see if it gets different information and what type (such as redirects) would be simple to set up and run ... then again, maybe that's why I don't work for Google - I just don't understand the complexity of their problems ...

I just don't understand the complexity of their problems

It's complex - the bad guys who create those doorpages are pretty clever at detecting bots and showing them one content but they will redirect or show different content to real visitors. Google eventually gets them but it takes time, usually it happens soon after those doorway pages get ranked well and traffic starts flowing - I think in this case Google pays closer attention to those pages that rank well.

Could it be a 302 hijacking? From what I understand, those are starting to pop back up...

When the (host) page doesn't get banned from Google

it's a javascript redirect

don't want to detail the method here, but it's relatively easy to do from the outside w/o the webmaster noticing a thing

... as for SEO, this kind of redirect won't get picked up by Google at all

Target page won't get anything from this apart of the ( random and/or panicked ) traffic, and the site that got infected won't be blacklisted either.

Meaning the 'host' page stays in the index and the target page might as well be banned for years, it'll still get traffic - effectively from Google.

*hint*

don't allow visitors/users to add any kind of code to your pages. ever. replace strings that are suspicious

I never understand this. Why is Google bound to only visit a site with Googlebot?

Google definitely does visit sites with non-googlebot means, too. You're right that they need to do this for quality control - maybe they need to do more of it, eh?

Google eventually gets them but it takes time...

Yeah, not everything gets nuked out of the gate. Also a very good reason not to succumb to the "I'll do it because I see other sites doing it" mentality.

Yeah, not everything gets nuked out of the gate

That's because computational cost of applying extra analysis is too high - this can include human review element too, so scalability is poor.

I think they don't want to nuke all straight away to create element of uncertainty - this makes it harder to reverse engineer the algorithm, detect IPs from which non-Googlebots double check data etc.

Also I think it is likely that if SERPs are not very good, then AdWords click will follow, or one of MFA pages will generate extra cash. There is almost certainly pretty good correlation between drop in quality in SERPs and increase in revenues.

There is almost certainly pretty good correlation between drop in quality in SERPs and increase in revenues.

There is likely also to be a pretty good correlation between poor SERPs quality and loss of users to other search engines. I don't think that Google would consider walking this kind of tightrope.

There is likely also to be a pretty good correlation between poor SERPs quality and loss of users to other search engines

Sure. So it's a game of numbers to avoid losing too many people while increasing revenues. While Google might not do it intentionally they certainly not applyng same level of scrutiny to all pages - it sure uses extra processing capacity, but who has got more processing capacity then Google?

LM - Just to get this back on topic, at issue here is whether Google can detect the kind of exploits that are being discussed in a scalable and economic fashion. Let's keep further discussion about motivation out of it.

whether Google can detect the kind of exploits that are being discussed in a scalable and economic fashion.

That does not appear to be the case as the OP's example suggests.

I've seen .gov listings hold a number one position for keyword phrases. Click on the Google SERP link and be whisked off to a .edu TLD with AdSense on it. I don't understand how this stuff cannot be detected. But then, one look at Google properties and you can see it is widespread. Very few people are impervious to the exploits out there. When you see .gov sites getting hacked, you know it is out of control. :)

Some of those .edu's may not be around much longer. I believe EDUCAUSE will do its best to make sure of that. That whole Grandfather clause has caused the .edu space grief and will continue to do so until that hole is closed completely. EDUCAUSE, remove the Grandfather Clause and take those domains back. Please? :)

Hacked edus was a horrible problem in 2006 but now they are pretty good at removing this junk, though obviously not perfect.