Jump to content
  • Google Search results poisoned with torrent sites via Data Studio

    alf9872000

    • 295 views
    • 3 minutes
     Share


    • 295 views
    • 3 minutes

    Threat actors are abusing Google's Looker Studio (formerly Google Data Studio) to boost search engine rankings for their illicit websites that promote spam, torrents, and pirated content.

     

    The SEO poisoning attack analyzed by BleepingComputer uses Google's datastudio.google.com subdomain to lend credibility to malicious domains.

    Abusing Data Studio to boost warez sites' rankings

    BleepingComputer has come across several pages of Google search results flooded with datastudio.google.com links after a concerned reader reported seeing the erratic behavior to us.

     

    These links, rather than representing a legitimate Google Data Studio project, are minisites that host links to pirated content.

     

    google-data-studio-sites.jpg

    Google Data Studio abused to boost SEO rankings of pirate sites (BleepingComputer)

     

    For example, one such search result we clicked on, directs users looking to "Download Terrifier 2 (2022)" to bit.ly links that further redirect multiple times to ultimately land on a spammy website.

     

    As evident from the screenshot below, the SEO poisoning campaign uses the keyword stuffing technique which is often considered a form of webspam, to boost rankings of these illicit domains:

     

    datastudio-website.jpg

    A sample Google Data studio website identified within the campaign (BleepingComputer)

     

    fifa-pirated-result2.jpg

    "FIFA 23 Download Torrent" webpage hosted on Data Studio (BleepingComputer)

     

    Clicking on one of these Bit.ly URLs further redirects the user several times before they arrive on a website promoting online surveys, streaming sites of dubious legality and authenticity, and spam:

     

    streaming-site.jpg

    Destination page the user ultimately lands on is a streaming site (BleepingComputer)

     

    warez-site.jpg

    Another final destination page promotes an "online test" (BleepingComputer)

     

    Introduced in 2016 by Google, Looker Studio (formerly, Google Data Studio) is a web-based business intelligence tool that enables users to transform data into customizable informative reports and dashboard for easy visualization and analysis.

     

    Data Studio can be and has been used to, for example, track and visualize the download counts of open source packages for a given period.

     

    While the legitimate business use cases of Looker Studio are plenty, much like any other web service, it isn't immune from being abused by threat actors looking to host questionable content or manipulating SEO for their illicit domains.

     

    SEO poisoning campaigns spotted in the past have targeted U.S. midterm election keywords, and more recently been seen pushing malware-laced Zoom, TeamViewer, and Visual Studio installers

     

    BleepingComputer has reached out to Google in advance of publishing to understand how Google plans on tackling the issue and we are awaiting their response.

     


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...