|Spam results for buying Windows|
Major websites hijacked
The list of hijacked sites include:
- Harvard (Alexa rank in US: 875, cxc.harvard.edu)
- MIT (Alexa rank in US: 963, petar.blog.lcs.mit.edu, fig.scripts.mit.edu, hlt.media.mit.edu)
- Stanford (rank 782, mentalhealth.stanford.edu, yuba.stanford.edu, assu.stanford.edu)
- Fandango (rank 236, www.summermovies.fandango.com)
The fake stores use multiple domain names, and each site looks slightly different: softsupreme.com, softsupreme.net, buysupreme.net, software-supreme.com, softbuy-download.net, softbuy-download.com, sacon.org, topoemdownloads.net, etc. I've seen more than 75 different domains so far.
Multiple languages and other spams
Unlike the usual Blackhat spam SEO coming from the Google Hot Trends, this type of spam is targeted at multiple languages: English, French ("achat windows"), German ("Microsoft kaufen"), etc.
Hijacked sites on non-standard ports are also used for other types of spam: US student visa, Viagra, etc.
Once again spammers have managed to poison search results for popular searches. This specific spam was reported a month ago, but it still shows up in the first page of results for multiple searches.