Thursday, June 08, 2006

What you see is not what others may get

I was doing some research on links in Google when I came across a web site with the normal vile content, but with a URL that was similar to what I was looking for. I knew what the web site was and I knew that it was not vile in any way. I clicked on the link and it indeed went to a bad place, but the link was redirected to another domain.

Here's where it got interesting. I typed in the same URL into the browser bar and the page did not work. At first, I thought someone must have figured out a way to spam Google, but I did a bit more research and found that a hacker had installed a small script on the hacked computer that tested for people coming from Google. If the incoming link was from Google, they would send to bad domain. But anyone going directly to the site would not see anything out of the order. The only way the site owner would know that their site was hacked was to look for uses of their URL on the search engine. And, of course, the traffic volume report must have gone through the roof.

The lesson here is that there are many reasons why hackers break into a system. Don't expect an obvious "you've been hacked!" message on your home page. Check your listing from time to time and look for unusual traffic patterns. And always keep your software updated and protected by strong passwords.


No comments: