All that, to Sell Knockoff Purses?
Sprocket Fends off Hacker Redirecting a Site
It appears somebody broke into a lot of sites over at Hostway (according to the comments on some forum posts yesterday) and added a file which redirects certain people to a knockoff purse site. I won't give the site - they don't deserve the attention of a single additional link or visit! - but I'm happy to give the link of our client - who's doing a great job out there in the legal world and deserves all the links and visits - the Appellate Lawyers Association ( www.applawyers.com ).
It was a strange bit of code that checked if the visitor had come from a search engine, and if so, redirected, but if not, showed the home page.
I guess that in general a person can be distracted while searching for one thing and might even buy something on the knockoff purse page. But why would anyone search for the Appellate Lawyers Association, click the link, and then think "oooh, the association is selling purses. I need one!"? The answer is: the hacker didn't even look. It appears they got into a Hostway server, went from folder to folder and deposited their little file.
The strange side effect? The search engine spiders visited the site and updated their index, unaware of the redirect apparently. So for awhile, the search results page says the association has some great deals on purses.
Sprocket was alerted, jumped in, found the offending file (although the hacker did a fair job of hiding his/her tracks) and cleared things up so visiting the association site no longer shows purses. Google will clear up the description on the results page. And we alerted Hostway of the issue and of the forum where folks are talking about it.
I hope this person who broke in and did this damage is caught and prosecuted to the fullest extent of the law, and I certainly hope my client doesn't handle the appeal! :-)