While looking up New Year’s Eve celebrations taking place in the mountains of North Carolina today I came across a hacked site. That is nothing out of the ordinary, however, the site’s payload is a trojan deliverable via a JavaScript. The way this works, is, you visit the site, the script gets executed via your browser, your PC gets infected.
The page is highcountryhost.com/top-high-country-new-years-celebrations/.
Information about the high country is tough to find online so I backed up and tried to pull the page from Google’s Cache (related = view webpages cached in Google Search results). I was shocked to discover that Google had pulled the trojan and placed it in their cache.
I didn’t test it but I am fairly certain that if you browse Google’s cache using a vulnerable PC you will be infected!
screenshot of cached JS trojan
I’m not quite sure how Google could fix this issue. As I reported earlier in the week, Google does crawl and index JS content, so it makes sense that it would cache it as well.
I double checked the page via Securi, and it is indeed compromised:
I was finally able to access an outdated copy of the page via the Wayback Machine.
Related:
- Google Search Console Hacked Site Manual Actions and SEO
- Fixing “Hacked Content Detected” Google Search Console Warnings and Their Affect on SEO
- Google “Pure Spam” Penalty Deindexes Sites March 6 2024 - March 12, 2024
- What Happened to ChicagoNow.com? - August 30, 2022
- The December 2021 Google Local Pack Algorithm Update - December 17, 2021
Leave a Reply