These links were not visible to regular users as they were buried in the source code, but they were picked up by search engine software to affect the position of another site altogether.
"The fact that Al Gore's site got hacked or compromised, while definitely of significance, uncovers a much bigger technique now being used by spammers," said Vikram Thakur, of Symantec's security response team.
"The hackers were able to get to the top of the search results by creating links such as these. No one visiting the hacked site would have noticed or been affected by any malicious program. Not yet anyway."
Using this technique, and by posting comments on forums using an automatic generator, the team was able to move its bogus pharmaceuticals site up near the top of the search engine rankings.
Thakur fears that a vulnerability in WordPress web publishing software has left many bloggers open to attack by the same method.
"We have seen the spammers go from comment spamming to hacking WordPress, to injecting links, to getting top listing on the search engine results, to marketing pharmaceutical sites through a large network of interwoven links," he said.
"So far, the only visible damage is for the administrators of the servers with the hacked WordPress.
"This could have been much worse had the hackers decided to insert links to malicious programs. Fortunately, the 'kerching' of cash trumps notoriety."
_(37).jpg&h=140&w=231&c=1&s=0)
_(36).jpg&h=140&w=231&c=1&s=0)
iTnews Cloud Covered Breakfast Summit
Huntress _declassified Virtual Event
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
Melbourne Cloud & Datacenter Convention 2026
iTnews Executive Retreat - Data & AI Edition
_(1).jpg&h=140&w=231&c=1&s=0)
