Google earns money helping spammers hack your blog
October 13th, 2008

If you use a free theme from a Google advert you are an idiot.
Yeah you are, admit it. You would have to be unless you knew what you were doing. Having spent some time recently helping out when people have had their blogs hacked I decided to take another look at the free theme scams and was shocked by what I found.
I say I was shocked; that's a lie really. I knew what to expect and I knew where to look. I also have to admit that I know all this, and how effective it can be, because I have done some of this in the past too.
OK, so what I did was nip over to Google and search for ‘Free wordpress themes’, and here's what we get:
Now as you can see we have a few paid AdWords ads for free themes. Suspicious? Yeah, me too…
We also have a couple of decent organic results from upstanding places like Smashing Magazine etc.
So what we will do is grab a random theme from the top AdWords adverts and from the top organic result and have a poke around to see what's there.
Themescore.com
I grabbed the iTheme theme as I know it's a popular one.
The theme files that I would normally be most worried about are header.php, footer.php and functions.php.
Aha! Subtle… They have an obvious problem with header.php as they have this code
Looks fun, doesn’t it? It's encoded in Base64, so let's go decode it with a tool like this – Base64 Decoder
In basic terms, the spammer has wrapped his code in a PHP eval() and encoded it in Base64. When the theme is loaded, PHP on the server decodes the Base64 string and executes whatever PHP it contains. The upshot is that the code above inserts links into the header of any blog using the theme. The spammer has also made an effort to use a number of domains that he controls, so he can keep going if one or more gets killed, and he has made the code as complicated as possible so that most users are powerless to pick through what it's doing.
As a side note, this guy has been doing this for over 2 years that I know of and Google have been getting paid by him all that time to help spam your blog!
Shocked yet? OK, I can see you are a hardened SEO, so let's get on with the next one.
Freewordpressthemesite
Next AdWords ad, random theme (Leaves this time): footer.php has a big Base64-encoded eval that decodes to links for a bunch of spammy sites.
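An added example (not code from the original post): a Python audit that looks for the eval(base64_decode(...)) pattern described above for header.php and footer.php, decodes it without executing anything, and lists the URLs hidden inside. The sample theme, the spam.example domain and the function names are constructed for illustration.

```python
import base64
import re

# Matches eval(base64_decode('...')) with optional whitespace and either quote style.
EVAL_B64 = re.compile(
    r"eval\s*\(\s*base64_decode\s*\(\s*(['\"])([A-Za-z0-9+/=\s]+)\1\s*\)\s*\)", re.IGNORECASE)
URL = re.compile(r"https?://[^\s'\"<>)]+", re.IGNORECASE)
MAX_DEPTH = 5  # payloads are sometimes wrapped more than once


def decode_payloads(php_source, depth=0):
    """Return decoded text of each eval(base64_decode(...)) call; never executes it."""
    found = []
    for match in EVAL_B64.finditer(php_source):
        blob = re.sub(r"\s+", "", match.group(2))
        try:
            text = base64.b64decode(blob, validate=True).decode("utf-8", "replace")
        except ValueError:
            continue  # not valid Base64; leave for manual review
        found.append(text)
        if depth < MAX_DEPTH:
            found.extend(decode_payloads(text, depth + 1))
    return found


def audit_theme(files):
    """files: {filename: PHP source}. Returns {filename: sorted URLs hidden in encoded evals}."""
    report = {}
    for name, source in files.items():
        urls = set()
        for text in decode_payloads(source):
            urls.update(URL.findall(text))
        if urls:
            report[name] = sorted(urls)
    return report


# Constructed sample theme: a hidden footer link, wrapped twice, plus a clean file.
_inner = "echo '<a href=\"http://spam.example/pills\">cheap pills</a>';"
_layer1 = "eval(base64_decode('%s'));" % base64.b64encode(_inner.encode()).decode()
_layer2 = base64.b64encode(_layer1.encode()).decode()
SAMPLE_THEME = {
    "footer.php": "<?php wp_footer(); eval(base64_decode(\"%s\")); ?>" % _layer2,
    "header.php": "<?php wp_head(); ?>",
}

if __name__ == "__main__":
    for name, urls in audit_theme(SAMPLE_THEME).items():
        print(name, "->", ", ".join(urls))
```

A file that matches the pattern but decodes to no URLs still deserves a manual read, since this check only covers the single encoding described in the post.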
So it looks like the reason these people are paying for AdWords is that they get a spammy inserted link in every download. Now perhaps they are buying the ads and are unaware of the fact that the themes they offer have these easter eggs; I will let you make up your own mind.
The scandal here is that Google are happy to take the cash from these guys, and have been doing so for the past several years, yet it's obvious to anyone that this is what's happening. Greedy Google turn a blind eye, it seems.
Now perhaps the organic results will be better? Let's have a look at number one:
Freewpthemes.net is top of the unpaid results for me here, so I went and grabbed a random theme from them called Reference. After a quick look it appears clean; they have a footer link to themselves, but hey, so would I.
So what's the conclusion from this?
- Google are happy to take money to help spammers
- No free wordpress theme from an Adwords ad can be trusted
- Spamming links in free themes obviously still works
Anyone who wants to be sure that they are clean should consider using a service like PSD to WordPress, or at least only download from sites that you find in the organic results. If you have any doubts, why not ping me a comment and I'll check out the theme you are after for you.
5 Responses to “Google earns money helping spammers hack your blog”
About SEOidiot
Hi my name is Paul Madden and I am a UK SEO based in Lancashire, for years I have been cursed by the nickname SEOidiot which started life as a form of abuse from someone but you need to decide for yourself how accurate the term is.
Interesting. And another reason to pick apart any code for anything that I download to use on a website. Thanks for the tip.
Great article! It’s just too bad that most of the morons in the social media blogging scene these days are too blinded by their own importance to realize it. I stumbled and sphunn it and might even blog it later if I get a moment.
By the way, your comment entry box doesn’t carriage return at the end of the box and instead appears to go about 5 words off into the white area so I don’t know how well this is going to show up.
Best wishes and thanks again for a USEFUL post.
Sam
@sam Thanks, I'll take a look at the comment box, looks like all you commented came out ok!
nice post sir but how you end up with the conclusion about google i have no clue! how can you say that google knows about some little spammer putting his links into wordpress themes and then using adwords to promote them? how can they know that?? Why would they look for some encoded spammy links in some crappy templates in the first place? I realize that this situation is rather funny, the guy is using adwords to promote his spam, but thinking that google possibly knows about it and supports it is a bit naive from my point of view :)
greetings
agreed but it made a better post title
i would suggest that at least 2 people i know who have suffered from this issue have contacted Google to make them aware but didn't get a reply (no great surprise)
it seems they prefer to take the cash, this is after all the same guy who was doing the exact same thing last time i checked…