Google Image exploit & virus - no hotlinking involved? - Google Search and SEO forum at WebmasterWorld

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

Google Image exploit & virus - no hotlinking involved?

helleborine

4:19 am on Apr 15, 2012 (gmt 0)

I have an image that has ranked quite stably and recently it has been attributed to another website entirely. When the image thumbnail is clicked on, my virus checker flag its.

The snippet like this:

websitethatgivesmalware.com
#pixels x #pixels
[img]http://websitethatgivesmalware.com

Clicking on the image opens up a large image that has a file name different from the one I assigned = let's say "gift-of-malware.jpg"
and the page it's listed on (which is blocked with the virus checker) is called

websitethatgivesmalware.com/gift-of-malware.html

helleborine

12:56 pm on Apr 15, 2012 (gmt 0)

I should add that I have sent Google & the malware host DMCA take-down notices.

I just did an header check on the web page the hijacked image is presumably on. The header is 404!

HTTP/1.1·404·Not·Found(CR)(LF)
Date:·Sun,·15·Apr·2012·12:45:20·GMT(CR)(LF)
Server:·Apache/2.2.22·(CentOS)(CR)(LF)
X-Powered-By:·W3·Total·Cache/0.9.2.4(CR)(LF)
Set-Cookie:·w3tc_referrer=http%3A%2F%2Fwww.httpviewerthatIused.com%2Fhttpview.html;·path=/(CR)(LF)
Set-Cookie:·PHPSESSID=6dca0956eea949e885288b9850f38965;·path=/(CR)(LF)
Expires:·Wed,·11·Jan·1984·05:00:00·GMT(CR)(LF)
Cache-Control:·no-cache,·must-revalidate,·max-age=0(CR)(LF)
Pragma:·no-cache(CR)(LF)
X-Pingback:·http://malwaresitedonotgothere.com/xmlrpc.php(CR)(LF)
Last-Modified:·Sun,·15·Apr·2012·12:45:20·GMT(CR)(LF)
Connection:·close(CR)(LF)
Transfer-Encoding:·chunked(CR)(LF)
Content-Type:·text/html;·charset=UTF-8(CR)(LF)
(CR)(LF)

The content following the header capture shows a huge page of black hat internal links.

Question: Has anyone seen this exploit, and how can one protect oneself?