Lately I’ve noticed many links found by Google search take the browser to bogus third sites when the search link is clicked on. Here’s why:
“the site you were trying to visit has likely been exposed to a PHP 0day vulnerability which can easily be resolved if the webmaster of the site is aware of the issue. You can also visit the site directly as only search results are being redirected by the hack that was performed. So please visit the site directly and contact the webmaster via the sites contact form to let them know you believe their site has been hacked. You can either explain the issue to them or send them the link to this article to let them know how they can resolved the issue and you will have done your good deed for the day!
Google Search Results Hijacked By finditnow.osa.pl:
When everything is functioning properly the search results from Google should have sent the customer to the below page instead. You will notice that the hack is clever by taking the results from Google and redirecting to a new page with results on the same subject.
the PHP 0day with PHP 5.2.X which allows people to modify files hosted on the server running PHP 5.2.X. In this example the hackers performing the 0day used a clever way to not redirect all traffic and generate traffic for the osa.pl domain by only overwriting two files on a web site running WordPress to only redirect traffic from search engines. This is really clever for numerous reasons including the fact that when you are attempting to locate the issue with a downsizing in traffic to your site you are likely to go directly to your site and it will appear to function without issue. Until you perform a Google search or a search using another search engine such as Bing, Yahoo, Baidu, Search, etc. then you will think everything is working without issue.
Thanks to this site for the scoop. It’s not a browser problem, it’s a website problem. It tends to make search engine links useless.