Thousands of hotels have found that their listings on Google Maps and Google+ have been ‘hijacked’ – pointing instead to different sites, rather than the hotel’s own. At least 4,000 sites have been affected.
Thousands of hotels have found that their listings on Google Maps and Google+ have been ‘hijacked’ – pointing instead to other booking sites, according to a report by Search Engine Land.
Instead of leading to the official hotel sites, the listings point to a third-party booking service – with several pointing to Roomstobook,info or Roomstobook.net, which redirect to the booking service Hotelswhiz.com.
More than 4,000 hotels were affected in countries including the US and UK, according to The Guardian’s report.The newspaper said that the attack affected “big name hotels and bed and breakfasts alike”.
SlashGear’s report said that ‘hijacking’ a Google+ listing had knock-on effects on normal Google searches, effectively ‘poisoning’ searches for the sites.
Danny Sullivan of Search Engine Land wrote at the time, “Whether any of these companies are ultimately responsible for the hijacking is uncertain. All we know so far is that these listings have been hijacked, but exactly how or why isn’t clear.”
Google refused to comment on the matter but immediately began ‘cleaning’ the listings, and redirecting users to the correct sites.
‘Black hat’ search-engine tricks are increasingly used by cybercriminals to direct victims to sites infected with malware – as reported by We Live Security here. In this case, the motive remains unclear, but the technique is increasingly used to direct victims to infected sites, according to ESET researcher Jean-Ian Boutin.
“Our analysis of some of the webpages that initiate downloads of Win32/Nymaim reveals that Black Hat SEO is used to make them appear as high as possible in the search results when people search for popular keywords,” adds Boutin.
Speaking to the Guardian, Karim Mawani, director of HotelsWhiz.com said that they had not been involved in the redirection of traffic to their site – and were also victims of the attack.
“We were not involved in the hijackings and we are dealing with the fallout. We reported the redirect issue to Google when we spotted it on 8 January. Because of the backlinks we have been penalised by Google and our site has been paralyzed, so we are victims here,” he said.